Social against social engineering: Concept and development of a Facebook application to raise security and risk awareness
Purpose ‐ This study attempts to develop an efficient concept to mitigate the risks of social engineering in the era of social networks. For instance friend requests on Facebook are often accepted blindly, thus granting unknown people access to profile details. These problems
fuel requirements for an application, developed in this study, that raises awareness of security issues in Facebook. Design/methodology/approach ‐ The "Theory of Planned Behaviour" (TPB), a model from psychology to predict behaviour, is used as a theoretical foundation for the
application. Attitudes, perceived behavioural control and social norms are the main variables of this model. Social norms can be massively affected by the Facebook friends and therefore an application is developed which uses this in order to raise awareness. Findings ‐ The application
propagated itself virally. Out of 117 users of the application, 15 took action to change the public-search option visibility from public to private. The use of the application took on average 10.5 minutes. Originality/value ‐ Applications that scan a Facebook profile for fishy
content already exist. However, at the time of writing this paper, no application specifically written against social engineering was known to the author.