Home // International Journal On Advances in Security, volume 18, numbers 1 and 2, 2025 // View article
Authors:
Dominik Dana
Timea Pahi
Sebastian Schrittwieser
Simon Tjoa
Petter Kieseberg
Keywords: Automated Social Engineering; Social Engineering Frameworks; Social Engineering Models; Technical Social Engi- neering
Abstract:
The manual effort required by social engineers to obtain information about people and organizations that are in their focus can be extremely high in case of targeted attacks. Attackers, therefore, strive to automate processes as much as possible. With a few menu entries and selections, it is already possible to export email addresses from social media profiles, as well as to send friend requests and phishing messages to a large number of people. In this paper, we analyze the most popular frameworks for modeling Social Engineering attacks and generate a simplified and generalized meta-model. Based on this model, it was analyzed which parts of Social Engineering attacks can be automated using state-of-the-art tools that are readily available. The capabilities of these tools were thoroughly evaluated, including ready-to-use system environments. This work is an extended version of our work conducted presented at ICCGI 2024.
Pages: 1 to 16
Copyright: Copyright (c) to authors, 2025. Used with permission.
Publication date: June 30, 2025
Published in: journal
ISSN: 1942-2636