Social Engineering ist ein zunehmend beliebter Angriffsvektor, der von Kriminellen verwendet wird, um erfolgreich Menschen zu manipulieren. Das Ziel ist es vordergründig Personen anzugreifen und nicht die IT-Systeme, die sie nutzen. Dazu sammeln die Kriminellen so viele Informationen wie möglich über ihre menschlichen Vorlieben und Interessen. Social-Media-Portale sind dazu eine gute Informationsquelle. In diesem Projekt wird die Vorgehensweise einer entwickelten Software beschrieben, die automatisch einen Link einer Person von offiziellen und seriösen LinkedIn-Profilen zu den privaten Accounts auf Instagram findet. Durch diese Automatisierung und die Analyse der veröffentlichten Inhalte kann eine Risikoeinschätzung gegeben werden, wie viele berufliche und persönliche Informationen für einen erfolgreicheren Social-Engineering-Angriff genutzt werden könnten.

Measurement studies are essential for research and industry alike to understand the Web’s inner workings better and help quantify specific phenomena. Performing such studies is demanding due to the dynamic nature and size of the Web. An experiment’s careful design and setup are complex, and many factors might affect the results. However, while several works have independently observed differences in the outcome of an experiment (e.g., the number of observed trackers) based on the measurement setup, it is unclear what causes such deviations. This work investigates the reasons for these differences by visiting 1.7M webpages with five different measurement setups. Based on this, we build ‘dependency trees’ for each page and cross-compare the nodes in the trees. The results show that the measured trees differ considerably, that the cause of differences can be attributed to specific nodes, and that even identical measurement setups can produce different results.

This Paper explores how emergent technologies such as 6G and tactile Internet can potentially enhance cognitive, personal informatics (CPI) in participatory healthcare, promoting patient-centered healthcare models through high-speed, reliable communication networks. It highlights the transition to improved patient engagement and better health outcomes facilitated by these technologies, underscoring the importance of ultra-reliable, low-latency communications (URLLC) and realizing the tactile Internet’s potential in healthcare. This innovation could dramatically transform telemedicine and mobile health (mHealth) by enabling remote healthcare delivery while providing a better understanding of the inner workings of the patient. While generating many advantages, these developments have disadvantages and risks. Therefore, this study addresses the critical security and privacy concerns related to the digital transformation of healthcare. Our work focuses on the challenges of managing and understanding cognitive data within the CPI and the potential threats from analyzing such data. It proposed a comprehensive analysis of potential vulnerabilities and cyber threats, emphasizing the need for robust security frameworks designed with resilience in mind to protect sensitive cognitive data. We present scenarios for reward and punishment systems and their impacts on users. In conclusion, we outline a vision for the future of secure, resilient, and patient-centric digital healthcare systems that leverage 6G and the tactile Internet to enhance the CPI. We offer policy recommendations and strategic directions for stakeholders to create a secure, empowering environment for patients to manage their cognitive health information.

Abstract This paper challenges the conventional assumption in cybersecurity that users act as rational actors. Despite numerous technical solutions, awareness campaigns, and organizational strategies aimed at bolstering cybersecurity, these often overlook the prevalence of non-rational user behavior. Our study, involving a survey of 208 participants, empirically demonstrates this aspect. We found that a significant portion of users (55.3%) would accept a substantial risk (35%) to click on a potentially malicious link or attachment. This propensity increases to 61% when users are led to believe there is a 65% chance of facing no adverse consequences. To address this irrationality, we explored the efficacy of nudging mechanisms within email systems. Our qualitative user study revealed that incorporating a simple colored nudge in the email intably enhance the ability of users to discern malicious emails, improving decision-making accuracy by an average of 10%.