Have a personal or library account? Click to login
Illusion of Presence: Physical Deception and Direct Manipulation in Social Engineering Cover

Illusion of Presence: Physical Deception and Direct Manipulation in Social Engineering

Journal of Information Assurance and Security
Volume 20 (2025): Issue 3 (December 2025)
By: Jibran Rasheed Khan,  Sumaira Mustafa Qureshi,  Farhan Ahmed Siddiqui and  Syed Asim Ali  
Open Access
|Dec 2025

References

  1. Z. Wang, L. Sun, and H. Zhu, “Defining Social Engineering in Cybersecurity,” IEEE Access, vol. 8, pp. 85094–85115, 2020, doi: 10.1109/ACCESS.2020.2992807.
    Open DOISearch in Google ScholarBack to article
  2. A. Ferreira, L. Coventry, and G. Lenzini, “Principles of persuasion in social engineering and their use in phishing,” Lect. Notes Comput. Sci. (including Subser. Lect. Notes Artif. Intell. Lect. Notes Bioinformatics), vol. 9190, no. May 2017, pp. 36–47, 2015, doi: 10.1007/978-3-319-20376-8_4.
    Open DOISearch in Google ScholarBack to article
  3. M. A. Siddiqi, W. Pak, and M. A. Siddiqi, “A Study on the Psychology of Social Engineering-Based Cyberattacks and Existing Countermeasures,” Appl. Sci., vol. 12, no. 12, 2022, doi: 10.3390/app12126042.
    Open DOISearch in Google ScholarBack to article
  4. G. Sarkar and S. K. Shukla, “Behavioral analysis of cybercrime: Paving the way for effective policing strategies,” J. Econ. Criminol., vol. 2, no. August, p. 100034, 2023, doi: 10.1016/j.jeconc.2023.100034.
    Open DOISearch in Google ScholarBack to article
  5. H. Taherdoost, “Analyzing Influential Psychological Factors in Social Engineering; Human Psyche and Cybersecurity,” Psychomachina, vol. 1, pp. 1–7, Feb. 2024, doi: 10.59388/pm00374.
    Open DOISearch in Google ScholarBack to article
  6. S. Kuraku, D. Kalla, N. Smith, and F. Samaah, “Exploring How User Behavior Shapes Cybersecurity Awareness in the Face of Phishing Attacks,” Int. J. Comput. Trends Technol., vol. 71, no. 11, pp. 74–79, 2023, [Online]. Available: https://doi.org/10.14445/22312803/IJCTT-V71I11P111
    Search in Google ScholarBack to article
  7. N. F. Khan, N. Ikram, S. Saleem, and S. Zafar, Cyber-security and risky behaviors in a developing country context: a Pakistani perspective, vol. 36, no. 2. Palgrave Macmillan UK, 2023. doi: 10.1057/s41284-022-00343-4.
    Open DOISearch in Google ScholarBack to article
  8. Z. Alkhalil, C. Hewage, L. Nawaf, and I. Khan, “Phishing Attacks: A Recent Comprehensive Study and a New Anatomy,” Front. Comput. Sci., vol. 3, no. March, pp. 1–23, 2021, doi: 10.3389/fcomp.2021.563060.
    Open DOISearch in Google ScholarBack to article
  9. A. H. Washo, “An interdisciplinary view of social engineering: A call to action for research,” Comput. Hum. Behav. Reports, vol. 4, p. 100126, 2021, doi: 10.1016/j.chbr.2021.100126.
    Open DOISearch in Google ScholarBack to article
  10. A. Abzakh and A. Althunibat, “A Review: Human Factor and Cybersecurity,” IEEE Xplore, 2023, doi: 10.1109/ICIT58056.2023.10225828.
    Open DOISearch in Google ScholarBack to article
  11. G. Desolda, L. S. Ferro, A. Marrella, T. Catarci, and M. F. Costabile, “Human Factors in Phishing Attacks: A Systematic Literature Review,” ACM Comput. Surv., vol. 54, no. 8, 2022, doi: 10.1145/3469886.
    Open DOISearch in Google ScholarBack to article
  12. M. F. Arroyabe, C. F. A. Arranz, I. F. De Arroyabe, and J. C. F. de Arroyabe, “Revealing the realities of cybercrime in small and medium enterprises: Understanding fear and taxonomic perspectives,” Comput. Secur., vol. 141, no. February, p. 103826, 2024, doi: 10.1016/j.cose.2024.103826.
    Open DOISearch in Google ScholarBack to article
  13. W. Syafitri, Z. Shukur, U. A. Mokhtar, R. Sulaiman, and M. A. Ibrahim, “Social Engineering Attacks Prevention: A Systematic Literature Review,” IEEE Access, vol. 10, pp. 39325–39343, 2022, doi: 10.1109/ACCESS.2022.3162594.
    Open DOISearch in Google ScholarBack to article
  14. B. S. Almutairi and A. Alghamdi, “The Role of Social Engineering in Cybersecurity and Its Impact,” J. Inf. Secur., vol. 13, no. 04, pp. 363–379, 2022, doi: 10.4236/jis.2022.134020.
    Open DOISearch in Google ScholarBack to article
  15. R. F. Abu Hweidi and D. Eleyan, “Social Engineering Attack concepts, frameworks, and Awareness: A Systematic Literature Review,” Int. J. Comput. Digit. Syst., vol. 13, no. 1, pp. 691–700, 2023, doi: 10.12785/ijcds/130155.
    Open DOISearch in Google ScholarBack to article
  16. M. Dixon-Woods et al., “Conducting a critical interpretive synthesis of the literature on access to healthcare by vulnerable groups,” BMC Med. Res. Methodol., vol. 6, no. 1, p. 35, Dec. 2006, doi: 10.1186/1471-2288-6-35.
    Open DOISearch in Google ScholarBack to article
  17. M. Dixon-Woods et al., “How can systematic reviews incorporate qualitative research? A critical perspective,” Qual. Res., vol. 6, no. 1, pp. 27–44, Feb. 2006, doi: 10.1177/1468794106058867.
    Open DOISearch in Google ScholarBack to article
  18. E. Barnett-Page and J. Thomas, “Methods for the synthesis of qualitative research: a critical review,” BMC Med. Res. Methodol., vol. 9, no. 1, p. 59, Dec. 2009, doi: 10.1186/1471-2288-9-59.
    Open DOISearch in Google ScholarBack to article
  19. F. Salahdine and N. Kaabouch, “Social engineering attacks: A survey,” Futur. Internet, vol. 11, no. 4, 2019, doi: 10.3390/FI11040089.
    Open DOISearch in Google ScholarBack to article
  20. J. M. Hatfield, “Social engineering in cybersecurity: The evolution of a concept,” Comput. Secur., vol. 73, pp. 102–113, 2018, doi: 10.1016/j.cose.2017.10.008.
    Open DOISearch in Google ScholarBack to article
  21. B. B. Gupta, A. Tewari, A. K. Jain, and D. P. Agrawal, “Fighting against phishing attacks: state of the art and future challenges,” Neural Comput. Appl., vol. 28, no. 12, pp. 3629–3654, 2017, doi: 10.1007/s00521-016-2275-y.
    Open DOISearch in Google ScholarBack to article
  22. A. Smith, M. Papadaki, and S. M. Furnell, “Improving Awareness of Social Engineering Attacks,” in IFIP International Federation for Information Processing 2013, Springer, 2013, pp. 249–256.
    Search in Google ScholarBack to article
  23. Z. Wang, H. Zhu, and L. Sun, “Social Engineering in Cybersecurity: Effect Mechanisms, Human Vulnerabilities and Attack Methods,” IEEE Access, vol. 9, pp. 11895–11910, 2021, doi: 10.1109/ACCESS.2021.3051633.
    Open DOISearch in Google ScholarBack to article
  24. B. Banire, D. Al Thani, and Y. Yang, “Investigating the experience of social engineering victims: Exploratory and user testing study,” Electron., vol. 10, no. 21, 2021, doi: 10.3390/electronics10212709.
    Open DOISearch in Google ScholarBack to article
  25. A. A. Dziwa, C. CISA, and C. CEH, “How Social Engineering Bypasses Technical Controls,” ISACA J., vol. 5, pp. 23–26, 2022, [Online]. Available: https://www.isaca.org/resources/isaca-journal/issues/2022/volume-5/how-social-engineering-bypasses-technical-controls
    Search in Google ScholarBack to article
  26. W. Fuertes et al., “Impact of Social Engineering Attacks: A Literature Review,” Smart Innov. Syst. Technol., vol. 255, no. September, pp. 25–35, 2022, doi: 10.1007/978-981-16-4884-7_3.
    Open DOISearch in Google ScholarBack to article
  27. P. Burda, L. Allodi, and N. Zannone, “Cognition in Social Engineering Empirical Research: A Systematic Literature Review,” ACM Trans. Comput. Interact., vol. 31, no. 2, 2024, doi: 10.1145/3635149.
    Open DOISearch in Google ScholarBack to article
  28. A. Maraj and W. Butler, “Taxonomy of Social Engineering Attacks: A Survey of Trends and Future Directions,” in International Conference on Cyber Warfare and Security, Mar. 2022, pp. 185–193. doi: 10.34190/iccws.17.1.40.
    Open DOISearch in Google ScholarBack to article
  29. H. Aldawood and G. Skinner, “Challenges of implementing training and awareness programs targeting cyber security social engineering,” in Proceedings - 2019 Cybersecurity and Cyberforensics Conference, CCC 2019, 2019, pp. 111–117. doi: 10.1109/CCC.2019.00004.
    Open DOISearch in Google ScholarBack to article
  30. H. Aldawood and G. Skinner, “An Advanced Taxonomy for Social Engineering Attacks,” Int. J. Comput. Appl., vol. 177, no. 30, pp. 1–11, 2020, doi: 10.5120/ijca2020919744.
    Open DOISearch in Google ScholarBack to article
  31. N. Y. Conteh and P. J. Schmick, “Cybersecurity: risks, vulnerabilities and countermeasures to prevent social engineering attacks,” Int. J. Adv. Comput. Res., vol. 6, no. 23, pp. 31–38, Feb. 2016, doi: 10.19101/IJACR.2016.623006.
    Open DOISearch in Google ScholarBack to article
  32. V. Ambika, N. Shashank, T. Kayargo, and P. Pruthvi, “A Review Article on Impact of Social Engineering Attacks against Security of IoT,” Turkish Online J. Qual. Inq., vol. 12, no. 7, pp. 13552–13560, 2021, [Online]. Available: https://www.tojqi.net/index.php/journal/article/view/6882
    Search in Google ScholarBack to article
  33. A. Naz, M. Sarwar, M. Kaleem, M. A. Mushtaq, and S. Rashid, “A comprehensive survey on social engineering-based attacks on social networks,” Int. J. Adv. Appl. Sci., vol. 11, no. 4, pp. 139–154, 2024, doi: 10.21833/ijaas.2024.04.016.
    Open DOISearch in Google ScholarBack to article
  34. A. A. Nugraha et al., “Social Engineering Awareness : A Social Science Approach to Cybersecurity Education,” in The 3rd International Conference on Education Innovation and Social Science, 2024, pp. 376–386.
    Search in Google ScholarBack to article
  35. K. L. Chiew, K. S. C. Yong, and C. L. Tan, “A survey of phishing attacks: Their types, vectors and technical approaches,” Expert Syst. Appl., vol. 106, pp. 1–20, 2018, doi: 10.1016/j.eswa.2018.03.050.
    Open DOISearch in Google ScholarBack to article
  36. H. Aldawood and G. Skinner, “A Taxonomy for Social Engineering Attacks via Personal Devices,” Int. J. Comput. Appl., vol. 178, no. 50, pp. 19–26, 2019, doi: 10.5120/ijca2019919411.
    Open DOISearch in Google ScholarBack to article
  37. R. Alabdan, “Phishing attacks survey: Types, vectors, and technical approaches,” Futur. Internet, vol. 12, no. 10, pp. 1–39, 2020, doi: 10.3390/fi12100168.
    Open DOISearch in Google ScholarBack to article
  38. S. K. Birthriya, P. Ahlawat, and A. K. Jain, “A Comprehensive Survey of Social Engineering Attacks: Taxonomy of Attacks, Prevention, and Mitigation Strategies,” J. Appl. Secur. Res., vol. 0, no. 0, pp. 1–49, Jul. 2024, doi: 10.1080/19361610.2024.2372986.
    Open DOISearch in Google ScholarBack to article
  39. A. K. Jain and B. B. Gupta, “A survey of phishing attack techniques, defence mechanisms and open research challenges,” Enterp. Inf. Syst., vol. 16, no. 4, pp. 527–565, 2022, doi: 10.1080/17517575.2021.1896786.
    Open DOISearch in Google ScholarBack to article
  40. B. Atkins and W. Huang, “A Study of Social Engineering in Online Frauds,” Open J. Soc. Sci., vol. 01, no. 03, pp. 23–32, 2013, doi: 10.4236/jss.2013.13004.
    Open DOISearch in Google ScholarBack to article
  41. D. Alharthi and A. Regan, “A Literature Survey and Analysis on Social Engineering Defense Mechanisms and Infosec Policies,” Int. J. Netw. Secur. Its Appl., vol. 13, no. 2, pp. 41–61, Mar. 2021, doi: 10.5121/ijnsa.2021.13204.
    Open DOISearch in Google ScholarBack to article
  42. K. Krombholz, H. Hobel, M. Huber, and E. Weippl, “Advanced social engineering attacks,” J. Inf. Secur. Appl., vol. 22, pp. 113–122, Jun. 2015, doi: 10.1016/j.jisa.2014.09.005.
    Open DOISearch in Google ScholarBack to article
  43. C. Sekhar Bhusal, “Systematic Review on Social Engineering: Hacking by Manipulating Humans,” J. Inf. Secur., vol. 12, no. 01, pp. 104–114, 2021, doi: 10.4236/jis.2021.121005.
    Open DOISearch in Google ScholarBack to article
  44. Z. Wang, H. Zhu, P. Liu, and L. Sun, “Social engineering in cybersecurity: a domain ontology and knowledge graph application examples,” Cybersecurity, vol. 4, no. 1, 2021, doi: 10.1186/s42400-021-00094-6.
    Open DOISearch in Google ScholarBack to article
  45. J.-W. Bullée and M. Junger, “Social Engineering,” in The Palgrave Handbook of International Cybercrime and Cyberdeviance, no. October, Cham: Springer International Publishing, 2019, pp. 1–28. doi: 10.1007/978-3-319-90307-1_38-1.
    Open DOISearch in Google ScholarBack to article
  46. B. Azizbek Zoxid ugli, “The Impact of Social Engineering on Cybercrime: Psychological Manipulation and Prevention Methods,” Int. J. Cyber Law, p. 5, 2023, [Online]. Available: https://irshadjournals.com/index. php/ijcl/article/view/52/38
    Search in Google ScholarBack to article
  47. K. Chetioui, B. Bah, A. O. Alami, and A. Bahnasse, “Overview of Social Engineering Attacks on Social Networks,” Procedia Comput. Sci., vol. 198, no. 2021, pp. 656–661, 2021, doi: 10.1016/j.procs.2021.12.302.
    Open DOISearch in Google ScholarBack to article
  48. M. Zaoui, B. Yousra, S. Yassine, M. Yassine, and O. Karim, “A Comprehensive Taxonomy of Social Engineering Attacks and Defense Mechanisms: Toward Effective Mitigation Strategies,” IEEE Access, vol. 12, no. May, pp. 72224–72241, 2024, doi: 10.1109/ACCESS.2024.3403197.
    Open DOISearch in Google ScholarBack to article
  49. T. Rathod, N. K. Jadav, S. Tanwar, A. Alabdulatif, D. Garg, and A. Singh, “A comprehensive survey on social engineering attacks, countermeasures, case study, and research challenges,” Inf. Process. Manag., vol. 62, no. 1, p. 103928, 2025, doi: 10.1016/j.ipm.2024.103928.
    Open DOISearch in Google ScholarBack to article
  50. T. Grassegger and D. Nedbal, “The role of employees’ information security awareness on the intention to resist social engineering,” Procedia Comput. Sci., vol. 181, no. 2019, pp. 59–66, 2021, doi: 10.1016/j.procs.2021.01.103.
    Open DOISearch in Google ScholarBack to article
  51. N. Duarte, N. Coelho, and T. Guarda, “Social Engineering: The Art of Attacks,” Commun. Comput. Inf. Sci., vol. 1485 CCIS, pp. 474–483, 2021, doi: 10.1007/978-3-030-90241-4_36.
    Open DOISearch in Google ScholarBack to article
  52. R. Montañez, A. Atyabi, and S. Xu, “Social engineering attacks and defenses in the physical world vs. cyberspace: A contrast study,” in Cybersecurity and Cognitive Science, Elsevier, 2022, pp. 3–41. doi: 10.1016/B978-0-323-90570-1.00012-7.
    Open DOISearch in Google ScholarBack to article
  53. A. Lopes, H. S. Mamede, L. Reis, and A. Santos, “Common Techniques, Success Attack Factors and Obstacles to Social Engineering: A Systematic Literature Review,” Emerg. Sci. J., vol. 8, no. 2, pp. 761–794, 2024, doi: 10.28991/ESJ-2024-08-02-025.
    Open DOISearch in Google ScholarBack to article
  54. M. Hasan, “Common Cybersecurity Vulnerabilities: Software Bugs, Weak Passwords, Misconfigurations, Social Engineering,” Glob. Mainstream J. Innov. Eng. Emerg. Technol., vol. 03, no. 04, pp. 42–57, 2024, doi: 10.62304/jieet.v3i4.193.
    Open DOISearch in Google ScholarBack to article
  55. Y. Kano and T. Nakajima, “Trust factors of social engineering attacks on social networking services,” LifeTech 2021 - 2021 IEEE 3rd Glob. Conf. Life Sci. Technol., no. LifeTech, pp. 25–28, 2021, doi: 10.1109/LifeTech52111.2021.9391929.
    Open DOISearch in Google ScholarBack to article
  56. B. Stilwell, “The worst cyber attack in DoD history came from a USB drive found in a parking lot,” wearethemighty. Accessed: Feb. 20, 2025. [Online]. Available: https://www.wearethemighty.com/mighty-history/worst-cyber-attack-usb/
    Search in Google ScholarBack to article
  57. N. Shachtman, “Under Worm Assault, Military Bans Disks, USB Drives,” Wired.com. Accessed: Feb. 20, 2025. [Online]. Available: https://www.wired.com/2008/11/army-bans-usb-d/
    Search in Google ScholarBack to article
  58. A. Moscaritolo, “Military’s ban of USB thumb drives highlights security risks,” scworld.com. Accessed: Feb. 18, 2025. [Online]. Available: https://www.scworld.com/news/militarys-ban-of-usb-thumb-drives-highlights-security-risks
    Search in Google ScholarBack to article
  59. M. Tischer et al., “Users Really Do Plug in USB Drives They Find,” in 2016 IEEE Symposium on Security and Privacy (SP), IEEE, May 2016, pp. 306–319. doi: 10.1109/SP.2016.26.
    Open DOISearch in Google ScholarBack to article
  60. Robert Abel, “Luxury hackers crack Bimmers and Benzes, a tale of BMW’s bugs and Mercedes-Benz thugs,” scworld.com. Accessed: Feb. 15, 2025. [Online]. Available: https://www.scworld.com/news/luxury-hackers-crack-bimmers-and-benzes-a-tale-of-bmws-bugs-and-mercedes-benz-thugs
    Search in Google ScholarBack to article
  61. I. A. M. Abass, “Social Engineering Threat and Defense: A Literature Survey,” J. Inf. Secur., vol. 09, no. 04, pp. 257–264, 2018, doi: 10.4236/jis.2018.94018.
    Open DOISearch in Google ScholarBack to article
  62. T. Mashiane and E. Kritzinger, “Cybersecurity Behaviour: A Conceptual Taxonomy,” in 12th IFIP International Conference on Information Security Theory and Practice (WISTP), Brussels, Belgium, 2019, pp. 147–156. doi: 10.1007/978-3-030-20074-9_11.
    Open DOISearch in Google ScholarBack to article
  63. M. R. Arabia-Obedoza, G. Rodriguez, A. Johnston, F. Salahdine, and N. Kaabouch, “Social Engineering Attacks A Reconnaissance Synthesis Analysis,” in 2020 11th IEEE Annual Ubiquitous Computing, Electronics & Mobile Communication Conference (UEMCON), IEEE, Oct. 2020, pp. 0843–0848. doi: 10.1109/UEMCON51285.2020.9298100.
    Open DOISearch in Google ScholarBack to article
  64. M. Hijji and G. Alam, “A Multivocal Literature Review on Growing Social Engineering Based Cyber-Attacks/Threats During the COVID-19 Pandemic: Challenges and Prospective Solutions,” IEEE Access, vol. 9, pp. 7152–7169, 2021, doi: 10.1109/ACCESS.2020.3048839.
    Open DOISearch in Google ScholarBack to article
  65. N. A. Odeh, D. Eleyan, and A. Eleyan, “A Survey of Social Engineering Attacks :,” J. Theor. Appl. Inf. Technol., vol. 99, no. 18, 2021.
    Search in Google ScholarBack to article
  66. N. Mashtalyar, U. N. Ntaganzwa, T. Santos, S. Hakak, and S. Ray, “Social Engineering Attacks: Recent Advances and Challenges,” in HCI for Cybersecurity, Privacy and Trust (HCII 2021), 2021, pp. 417–431. doi: 10.1007/978-3-030-77392-2_27.
    Open DOISearch in Google ScholarBack to article
DOI: https://doi.org/10.2478/ias-2025-0008 | Journal eISSN: 1554-1029 | Journal ISSN: 1554-1010
Journal RSS Feed
Language: English
Page range: 125 - 144
Published on: Dec 31, 2025
Published by: Cerebration Science Publishing Co., Limited
In partnership with: Paradigm Publishing Services
Publication frequency: 6 issues per year
Keywords:
Cybersecurity,
Social Engineering,
Human-based Attack,
Physical Attack,
Human Vulnerability,
Attack Taxonomy
Related subjects:
Computer sciences,
Fundamentals of computer sciences,
Theoretical computer sciences,
IT-security and cryptology

© 2025 Jibran Rasheed Khan, Sumaira Mustafa Qureshi, Farhan Ahmed Siddiqui, Syed Asim Ali, published by Cerebration Science Publishing Co., Limited
This work is licensed under the Creative Commons Attribution-NonCommercial-ShareAlike 4.0 License.

Previous articleVolume 20 (2025): Issue 3 (December 2025)Next article