School of Regulation and Global Governance (RegNet)

In a recent study, researchers from the Australian National University (ANU) lead by Roderic Broadhurst, Director of the ANU Cybercrime Observatory, explored the degree to which students are susceptible to social engineering directives such as fake emails or phishing.

Over several months, the team of researchers comprised of Roderic Broadhurst, Katie Skinner, Nicholas Sifniotis, Bryan Matamoros-Macias and Yuguang Ipsen, observed students’ responses to three different scam email types with varying degrees of individualisation: generic, tailored, and targeted or ‘spear’.

Interestingly, the research revealed that awareness of cybercrime, the level of IT competence and perceived internet safety, didn’t impact a student’s susceptibility to getting scammed.

However, researchers demonstrated that the relevance and saliency of the scam email’s content, did in fact influence student’s susceptibility to getting scammed.

Another important result was that international students and first year students were found to be more vulnerable to social engineering directives, given that they were deceived by significantly more scams compared to domestic students and later year students.

Following the publication of the research in the Australian Institute of Criminology’s Trends & issues in crime and criminal justice, Roderic Broadhurst commented:

“Manipulation (social engineering) of emails and texts to deceive people to upload phishing and ransomware remain significant risks for everyone.

“This remains the case today and the future – educational institutions need to do more to help international and new students avoid cyber “attacks”.

“Students underestimate the importance of identity theft as a precursor to many serious crimes and an empty bank account does not mean that they are not also valuable targets.”

Read more on this topic in ‘Phishing risks in a university student community’.

Image: Pixel 2013 (Pixabay) under Pixabay Licence.