Abstract:
"As per the present day valuation Information is considered as one of the most valuable
assets. Due to that fact it is un-avoidable that it would create a market for information
which are obtained illegal manner. Many organizations in the present day keep their
information in digital means and majority of the organizational work flow is also carried
out through the electronic media mostly through computer systems. Therefore,
organizations allocate large amount of budget to protect the organizational cyber space.
Even though the organization spend massive amount of money and resources on
protecting the cyber space and even if there are state-of-the-art security systems and
solutions are implemented and placed there is one part of the system which is tend to be
vulnerable which is the user. Because the user operates on human emotions rather pure
logics. Therefore, these emotions can be manipulated, hence social engineering.
Current organizations do have security measurements for minimize social engineering
attacks. But these controls are used to mitigate traditional social engineering attacks such
as phishing, sphere phishing, quid pro-quo, pre-texting are some of them. But now social
engineers tend to weaponized social issues such as racism as an exploitation method for
their social engineering attacks. Un-fortunately due to the novelty of such attacks
organizations still do not have any proper controls for such specific type of modern
social engineering attack. Therefore, A Conceptual Framework for Detecting and
Mitigating Racism Based Social Engineering Attacks in an Organization was developed
to fill the gap in such security controls."
