Social Engineering Attack concepts, frameworks, and Awareness: A Systematic Literature Review

Abstract

The growth of data exchange and the dependency on the digital world through cyberspace raise security risks. Social engineering attacks occupy high percentage of total cybercrimes. It is also classified as the major cause of financial losses in cyberspace. This shows the need to clarify social engineering definition and clarify the proposed frameworks solutions by different researchers. This paper explores the previous researches that try to extract different concepts and perspectives which are called lifecycles, phases, frameworks, models, or a mix of them, knowing this and the development of the framework help us facing the threat of social engineering. Most of the studies agree on the effect of a comprehensive framework and how it affects positively. The results express the need for more empirical studies, government permissions, financial support to improve the conceptual frameworks to apply them to a wide range of societies, and more focus on awareness responsibility for government, users, and organizations. This study is A systematic literature review that uses Prisma methodology to extract and analyze eligible research criteria to achieve the objective of describing social engineering attack frameworks comprehensively This paper finds are the urgent need for an empirical comprehensive conceptual framework and government support to facilitate access to data, education curriculum, and enact laws. On the other hand, it emphasizes limitations, risk of bias, and future work in each study. In future work, the author suggests adding the defense perspective as a phase.