Social engineering is one of the most successful tactics that cyber criminals can use to get access to confidential information or infiltrate company systems and networks. Its success depends on gaining trust. This is often done by using information that can be gathered about a person (e.g., social media posts), to make a connection with them seem genuine.
But are there certain groups of people who are more susceptible to social engineering? Apparently yes. According to a recent publication, there are three demographic factors that can influence the success of a social engineering attack.
1. The target’s age
The age of the target can have an impact on how successful a social engineering attack is. Younger demographics are more likely to click on links in phishing emails. In fact digital natives (those aged 18 to 41) are 65% more likely than older users to click on harmful links. This can partly be attributed to the fact that this demographic has grown up with the internet and is therefore more trusting of online interactions.
2. The gender of the target
There is a significant link between the gender of a target and the success of the attack, with women more likely to fall victim than men. This can be because women are more open to communication and susceptible to replying to ‘junk’ adverts than men, exposing them to more potential phishing attacks.
3. The target’s education
There have been a lot of studies that show those with higher levels of education also have higher levels of suspicion, and are therefore less likely to be taken in by phishing. This also varies depending on the subject the person studied. There is, however, some evidence that education doesn’t have an impact, and even some studies that conclude those with higher education are more susceptible to phishing.
Overall, whilst it’s interesting to note these demographic trends, the reality is that anyone can be a victim, particularly as cyber criminals are getting more sophisticated with their attacks. Whilst the jury is out on whether there is a link between general higher education levels and the success of social engineering attacks, it’s clear that specific education around cybersecurity can make people more aware of the techniques cyber criminals use. And this awareness can prevent you from becoming a victim.