The Rise in Cybercrime and the Dynamics of Exploiting the Human Vulnerability Factor

  • Dr. Nabie Y. Conteh Department of Computer Information Systems, College of Business & Public Administration Southern University at New Orleans, 6801 Press Drive, Suite 108, New Orleans, Louisiana 70126, USA
  • Malcolm D. Royer Department of Cyber Security and Information Assurance, Graduate School of MGT and Technology University of Maryland University College Adelphi, Maryland, USA
Keywords: Social Engineering, Cybercrime, Cyber theft, Network Intrusions, Preventive Measures.


This paper is primarily intended to firstly define and review the literature in cybersecurity and vividly shed light on the mechanisms involved in the social engineering phenomenon. It will discuss the various attempts at network intrusion and the steps typically taken in the implementation of cyber-thefts. The paper will provide the rationale behind the justification of why humans are considered to be the weakest link in these attacks. The study will also explain the reasons for the rise in cybercrimes and their impact on Organizations. In closing, the paper will put forward some recommendations to serve as preventative measures and solutions to the threats and vulnerabilities posed by cyber-attacks. Finally, measures, such as conducting regular, thorough, and relevant awareness training, frequent drills and realistic tests will be addressed with a view to maintaining a steady focus on the overall discipline of the organization thereby hardening that component of the network that is the softest by nature—the human vulnerability factor.


Braiker, H. B. (2004). Who’s pulling your strings?: How to break the cycle of manipulation and regain control of your life. New York, NY: McGraw-Hill.

Curry, S. J. J. (2013). Instant-messaging security. In J. Vacca (Ed.), Computer and information security handbook (2nd ed., p. 727). Boston, MA: Morgan Kaufmann.

Enterprise Risk Management. (2009, November). Social engineering: People hacking. Retrieved from

Felson, M., & Clarke, R. V. (1998). Opportunity makes the thief: Practical theory for crime prevention (Police Research Series Paper 98). Retrieved from

Granger, S. (2010, November 3). Social engineering fundamentals, part 1: Hacker tactics. Retrieved from

Grover, R., Hosenball, M., & Finkle, J. (2014, December 3). Sony Pictures struggles to recover eight days after cyber attack. Retrieved from

References marked with an asterisk indicate studies included in the meta-analysis.

*Internet Live Stats. (2014, July 1). Internet users in the world. Retrieved from

Kim, P. (2014). The hacker playbook: Practical guide to penetration testing. North Charleston, SC: Secure Planet.

Mitnick, K. D., & Simon, W. L. (2011). Ghost in the wires: My adventures as the world’s most wanted hacker. New York, NY: Back Bay Books.

Pagliery, J. (2014, May 28). Half of American adults hacked this year. Retrieved from

*Ponemon Institute. (2015, May). 2015 Cost of data breach study: United States. Retrieved from IBM website:

Simon, G. K. (2010). In sheep’s clothing: Understanding and dealing with manipulative people (2nd ed.). Little Rock, AR: Parkurst Brothers.

*Statista. (2015, August). Number of compromised data records in selected data breaches as of August 2015. Retrieved from

Yang, J. L., & Jayakumar, A. (2014, January 10). Target says up to 70 million more customers were hit by December data breach. Retrieved from

Works Consulted

Al-Johani, A. A., & Al-Msloum, A. S. (2013, November). Social engineering risks in the contemporary reality and methods of fighting these risks. International Journal of Academic Research, 5(6), 265-272.

Allen, M. (2006, June). Social engineering: A means to violate a computer system. Retrieved from

Bavisi, S. (2013). Penetration testing. In J. Vacca (Ed.), Computer and information security handbook (2nd ed., p. 535). Boston, MA: Morgan Kaufmann.

Bidgoli, H (Ed.). (2006). Handbook of information security: Threats, vulnerabilities, prevention, and management. Hoboken, NJ: John Wiley & Sons.

CBS. (2015, March 3). These cybercrime statistics will make you think twice about your password: Where’s the CSI cyber team when you need them? Retrieved from

Chen, T., & Walsh, P. (2013). Guarding against network intrusions. In J. Vacca (Ed.), Computer and information security handbook (2nd ed., p. 83). Boston, MA: Morgan Kaufmann.

Crank, C. (2014, June 30). Social engineering: How it’s used to gain cyber information. Retrieved from

Criddle, L. (2015). What is social engineering? Retrieved from

DiBello, A. (2014, December 29). Social engineering will ramp up in 2015. Retrieved from

El Emary, I., Shalhoub, M., Arif, M., Alsereihy, H., Shalhoub, L., & Al-Sahhaf, N. (2013, January). Social engineering and its effective role in securing and defending the knowledge community. International Journal of Academic Research, 5(1), 95-100.

Goodrich, M., & Tamassia, R. (2011). Introduction to computer security. Boston, MA: Pearson.

Greabu-Serban, V., & Serban, O. (2014). Social engineering a general approach. Informatica Economica, 18(2), 5-14.

Hadnagy, C. (2010). Social engineering: The art of human hacking. Indianapolis, IN: Wiley

Hadnagy, C. (2014). Unmasking the social engineer: The human element of security. Indianapolis, IN: John Wiley & Sons.

Harley, D. (1998). Re-floating the Titanic: Dealing with social engineering attacks. In EICAR 98 Conference Proceedings [Compact disk]. EICAR. Retrieved from

Harman, P. (2015, May 13). Businesses beware: Social engineering fraud could cost you millions. Claims Magazine, 63(6), 12-13. Retrieved from

Harman, P. (2015, August 7). Social engineering scams: How hackers are stealing from your clients. Retrieved from

Harman, P. (2015, October 2). Cyber crime: The gift that keeps on giving. Retrieved from

Honan, B. (2015, August 6). Ubiquiti Networks victim of $39 million social engineering attack. Retrieved from

*IBM Security. (2015). IBM 2015 cyber security intelligence index. Retrieved from IBM website:

Lascano, S. (2014, September 4). Malware bypasses Chrome extension security feature. Retrieved from

Lieu, C. (2002). Social engineering - attacking the weakest link. Retrieved from

Mitnick, K. D., & Simon, W. L. (2003). The art of deception: Controlling the human element of security. Indianapolis, IN: Wiley.

Patil, H., Wing, D., & Chen, T. (2013). VoIP security. In J. Vacca (Ed.), Computer and information security handbook (2nd ed., pp. 877-878). Boston, MA: Morgan Kaufmann.

Peters, S. (2015, March 17). The 7 best social engineering attacks ever. Retrieved from

Social-Engineer.Org. (2014, April 28). The social engineering infographic. Retrieved from

Swanson, C., Chamelin, N., Territo, L., & Taylor, R. (2011). Criminal investigation (11th ed.). New York, NY: McGraw-Hill.

Valacich, J., & Schneider, C. (2014). Information systems today: Managing in the digital world (6th ed.). Boston, MA: Pearson.

Walker, D. (2014, May 29). Iranian spies bait U.S. officials in years-long social engineering scheme. Retrieved from

Walker, D. (2014, June 11). Clandestine Fox attack op uses social engineering to woo new victims. Retrieved from

Webopedia. (n.d.). Social engineering. Retrieved from

Weise, E. (2014, September 24). 43% of companies had a data breach in the past year. Retrieved from

How to Cite
Y. Conteh, D. N., & D. Royer, M. (2016). The Rise in Cybercrime and the Dynamics of Exploiting the Human Vulnerability Factor. International Journal of Computer (IJC), 20(1), 1-12. Retrieved from