![Sample our Economics, Finance,Business & Industry journals, sign in here to start your access, latest two full volumes FREE to you for 14 days]({"type":"image" , "src" : "/sda/5931/TOC-Subject-Sample-2021-Economics-Finance-Business-Industry.jpg"})
Abstract
Social engineering is becoming the most prevalent strategy used by hackers today. With continually blossoming e-commerce activity on the web, customers adopting online banking services will become prime targets for such hackers. As such, banks have a responsibility to contain this issue in order to sustain their competitive advantage. Most banks have security policies that manifest their strategy to counter hackers and yet social engineering attacks are rampant. In this study, we analyse the security policies of online banks from 11 countries in the Asia-Pacific region (APAC) region using content analysis to assess their preparedness to handle social engineering attacks. The results show that, except for phishing, there is a dearth of information regarding new and emerging trends in such attacks. The findings also show that although the majority of security best practices include preventive measures, they were presented as ‘general tips’. Without specifying the context of an attack providing these tips can be seen as an ineffective way of presenting information.
Additional information
Notes on contributors
Koteswara Ivaturi
Koteswara Ivaturi is a Doctoral student at the Department of Information Systems and Operations Management, The University of Auckland Business School. His area of research includes human vulnerabilities in information security and human-computer interaction. He has presented his research at international conferences including Conf-IRM, PACIS and AMCIS. Koteswara has a Master's degree in Information systems from the University of Surrey, Guildford, UK and has 5 years of industry experience working at Google as a Search Quality Strategist.
Lech Janczewski
Lech Janczewski has over 40 years' experience in information technology. He is Associate Professor at The University of Auckland, Department of Information Science and Operations Management. His area of research includes data security management with a special emphasis on cyber terrorism. Dr Janczewski has written over 300 publications presented in scientific journals, conference proceedings and books. He is the chairperson of the New Zealand Information Security Forum, secretary of the IFIP TC-11 committee (Security and Privacy Protection in Information Processing Systems) and a Fellow of the Institute of IT Professionals (former New Zealand Computer Society).