{"id":"https://openalex.org/W7130649009","doi":"https://doi.org/10.1145/3773002.3774811","title":"Beyond Technology: Uncovering Social Engineering Vulnerabilities Through Integrated Phishing Simulation and Physical Security Audit","display_name":"Beyond Technology: Uncovering Social Engineering Vulnerabilities Through Integrated Phishing Simulation and Physical Security Audit","publication_year":2025,"publication_date":"2025-12-03","ids":{"openalex":"https://openalex.org/W7130649009","doi":"https://doi.org/10.1145/3773002.3774811"},"language":"en","primary_location":{"id":"doi:10.1145/3773002.3774811","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3773002.3774811","pdf_url":null,"source":null,"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the Central and Eastern European eDem and eGov Days 2025","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":true,"oa_status":"gold","oa_url":"https://doi.org/10.1145/3773002.3774811","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5068383165","display_name":"P\u00e9ter B\u00e1ny\u00e1sz","orcid":"https://orcid.org/0000-0002-7308-9304"},"institutions":[{"id":"https://openalex.org/I1331168281","display_name":"Ludovika University of Public Service","ror":"https://ror.org/040yeqy86","country_code":"HU","type":"education","lineage":["https://openalex.org/I1331168281"]},{"id":"https://openalex.org/I2801923502","display_name":"Government of Hungary","ror":"https://ror.org/007ekx298","country_code":"HU","type":"government","lineage":["https://openalex.org/I2801923502"]}],"countries":["HU"],"is_corresponding":true,"raw_author_name":"Peter Banyasz","raw_affiliation_strings":["Department of Cybersecurity and e-Government, Ludovika University of Public Service, Budapest, Hungary","Institute of Cybersecurity, Ludovika University of Public Service, Budapest, Hungary"],"raw_orcid":"https://orcid.org/0000-0002-7308-9304","affiliations":[{"raw_affiliation_string":"Department of Cybersecurity and e-Government, Ludovika University of Public Service, Budapest, Hungary","institution_ids":["https://openalex.org/I1331168281","https://openalex.org/I2801923502"]},{"raw_affiliation_string":"Institute of Cybersecurity, Ludovika University of Public Service, Budapest, Hungary","institution_ids":["https://openalex.org/I1331168281"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5053035711","display_name":"M\u00e1t\u00e9 Dub","orcid":"https://orcid.org/0000-0001-9036-4112"},"institutions":[{"id":"https://openalex.org/I1331168281","display_name":"Ludovika University of Public Service","ror":"https://ror.org/040yeqy86","country_code":"HU","type":"education","lineage":["https://openalex.org/I1331168281"]}],"countries":["HU"],"is_corresponding":false,"raw_author_name":"Mate Dub","raw_affiliation_strings":["Doctoral School of Military Sciences, Ludovika University of Public Service, Budapest, Hungary"],"raw_orcid":"https://orcid.org/0000-0001-9036-4112","affiliations":[{"raw_affiliation_string":"Doctoral School of Military Sciences, Ludovika University of Public Service, Budapest, Hungary","institution_ids":["https://openalex.org/I1331168281"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5032355540","display_name":"Tam\u00e1s Sz\u00e1deczky","orcid":"https://orcid.org/0000-0001-7191-4924"},"institutions":[{"id":"https://openalex.org/I1331168281","display_name":"Ludovika University of Public Service","ror":"https://ror.org/040yeqy86","country_code":"HU","type":"education","lineage":["https://openalex.org/I1331168281"]},{"id":"https://openalex.org/I2801923502","display_name":"Government of Hungary","ror":"https://ror.org/007ekx298","country_code":"HU","type":"government","lineage":["https://openalex.org/I2801923502"]}],"countries":["HU"],"is_corresponding":false,"raw_author_name":"Tamas Szadeczky","raw_affiliation_strings":["Department of Cybersecurity and e-Government, Ludovika University of Public Service, Budapest, Hungary"],"raw_orcid":"https://orcid.org/0000-0001-7191-4924","affiliations":[{"raw_affiliation_string":"Department of Cybersecurity and e-Government, Ludovika University of Public Service, Budapest, Hungary","institution_ids":["https://openalex.org/I1331168281","https://openalex.org/I2801923502"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5106345802","display_name":"Kincso Boroka Vaczi","orcid":"https://orcid.org/0009-0008-4824-0923"},"institutions":[{"id":"https://openalex.org/I1331168281","display_name":"Ludovika University of Public Service","ror":"https://ror.org/040yeqy86","country_code":"HU","type":"education","lineage":["https://openalex.org/I1331168281"]}],"countries":["HU"],"is_corresponding":false,"raw_author_name":"Kincso Boroka Banyasz-Vaczi","raw_affiliation_strings":["Istvan Nemeskurty Faculty of Teacher Training, Ludovika University of Public Service, Budapest, Hungary"],"raw_orcid":"https://orcid.org/0009-0008-4824-0923","affiliations":[{"raw_affiliation_string":"Istvan Nemeskurty Faculty of Teacher Training, Ludovika University of Public Service, Budapest, Hungary","institution_ids":["https://openalex.org/I1331168281"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":4,"corresponding_author_ids":["https://openalex.org/A5068383165"],"corresponding_institution_ids":["https://openalex.org/I1331168281","https://openalex.org/I2801923502"],"apc_list":null,"apc_paid":null,"fwci":0.0,"has_fulltext":true,"cited_by_count":0,"citation_normalized_percentile":{"value":0.83444925,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":null,"biblio":{"volume":null,"issue":null,"first_page":"198","last_page":"204"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.7901999950408936,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.7901999950408936,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11800","display_name":"User Authentication and Security Systems","score":0.03590000048279762,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11644","display_name":"Spam and Phishing Detection","score":0.02710000053048134,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/phishing","display_name":"Phishing","score":0.8343999981880188},{"id":"https://openalex.org/keywords/audit","display_name":"Audit","score":0.675000011920929},{"id":"https://openalex.org/keywords/social-engineering","display_name":"Social engineering (security)","score":0.6035000085830688},{"id":"https://openalex.org/keywords/resilience","display_name":"Resilience (materials science)","score":0.5307000279426575},{"id":"https://openalex.org/keywords/information-security-audit","display_name":"Information security audit","score":0.5149999856948853},{"id":"https://openalex.org/keywords/information-security","display_name":"Information security","score":0.4903999865055084},{"id":"https://openalex.org/keywords/security-awareness","display_name":"Security awareness","score":0.46000000834465027},{"id":"https://openalex.org/keywords/element","display_name":"Element (criminal law)","score":0.4032000005245209},{"id":"https://openalex.org/keywords/physical-security","display_name":"Physical security","score":0.38019999861717224},{"id":"https://openalex.org/keywords/data-breach","display_name":"Data breach","score":0.36959999799728394}],"concepts":[{"id":"https://openalex.org/C83860907","wikidata":"https://www.wikidata.org/wiki/Q135005","display_name":"Phishing","level":3,"score":0.8343999981880188},{"id":"https://openalex.org/C199521495","wikidata":"https://www.wikidata.org/wiki/Q181487","display_name":"Audit","level":2,"score":0.675000011920929},{"id":"https://openalex.org/C70118762","wikidata":"https://www.wikidata.org/wiki/Q376934","display_name":"Social engineering (security)","level":2,"score":0.6035000085830688},{"id":"https://openalex.org/C2779585090","wikidata":"https://www.wikidata.org/wiki/Q3457762","display_name":"Resilience (materials science)","level":2,"score":0.5307000279426575},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.5254999995231628},{"id":"https://openalex.org/C39358052","wikidata":"https://www.wikidata.org/wiki/Q2578632","display_name":"Information security audit","level":5,"score":0.5149999856948853},{"id":"https://openalex.org/C527648132","wikidata":"https://www.wikidata.org/wiki/Q189900","display_name":"Information security","level":2,"score":0.4903999865055084},{"id":"https://openalex.org/C2778652015","wikidata":"https://www.wikidata.org/wiki/Q7445019","display_name":"Security awareness","level":3,"score":0.46000000834465027},{"id":"https://openalex.org/C144133560","wikidata":"https://www.wikidata.org/wiki/Q4830453","display_name":"Business","level":0,"score":0.4578999876976013},{"id":"https://openalex.org/C108827166","wikidata":"https://www.wikidata.org/wiki/Q175975","display_name":"Internet privacy","level":1,"score":0.4138000011444092},{"id":"https://openalex.org/C200288055","wikidata":"https://www.wikidata.org/wiki/Q2621792","display_name":"Element (criminal law)","level":2,"score":0.4032000005245209},{"id":"https://openalex.org/C2776157020","wikidata":"https://www.wikidata.org/wiki/Q851598","display_name":"Physical security","level":2,"score":0.38019999861717224},{"id":"https://openalex.org/C165609540","wikidata":"https://www.wikidata.org/wiki/Q1172486","display_name":"Data breach","level":2,"score":0.36959999799728394},{"id":"https://openalex.org/C76178495","wikidata":"https://www.wikidata.org/wiki/Q4808784","display_name":"Asset (computer security)","level":2,"score":0.366100013256073},{"id":"https://openalex.org/C39549134","wikidata":"https://www.wikidata.org/wiki/Q133080","display_name":"Public relations","level":1,"score":0.33709999918937683},{"id":"https://openalex.org/C95713431","wikidata":"https://www.wikidata.org/wiki/Q631425","display_name":"Vulnerability (computing)","level":2,"score":0.32749998569488525},{"id":"https://openalex.org/C32896092","wikidata":"https://www.wikidata.org/wiki/Q189447","display_name":"Risk management","level":2,"score":0.32019999623298645},{"id":"https://openalex.org/C137176749","wikidata":"https://www.wikidata.org/wiki/Q4105337","display_name":"Psychological resilience","level":2,"score":0.3167000114917755},{"id":"https://openalex.org/C2778137410","wikidata":"https://www.wikidata.org/wiki/Q2732820","display_name":"Government (linguistics)","level":2,"score":0.3147999942302704},{"id":"https://openalex.org/C148976360","wikidata":"https://www.wikidata.org/wiki/Q1662500","display_name":"Information security management","level":5,"score":0.29670000076293945},{"id":"https://openalex.org/C103377522","wikidata":"https://www.wikidata.org/wiki/Q3493999","display_name":"Security information and event management","level":4,"score":0.28850001096725464},{"id":"https://openalex.org/C17520342","wikidata":"https://www.wikidata.org/wiki/Q7797190","display_name":"Threat","level":5,"score":0.28630000352859497},{"id":"https://openalex.org/C56739046","wikidata":"https://www.wikidata.org/wiki/Q192060","display_name":"Knowledge management","level":1,"score":0.2842000126838684},{"id":"https://openalex.org/C83163435","wikidata":"https://www.wikidata.org/wiki/Q3954104","display_name":"Security management","level":2,"score":0.28369998931884766},{"id":"https://openalex.org/C505623098","wikidata":"https://www.wikidata.org/wiki/Q3002932","display_name":"Critical security studies","level":5,"score":0.2766000032424927},{"id":"https://openalex.org/C10511746","wikidata":"https://www.wikidata.org/wiki/Q899388","display_name":"Data security","level":3,"score":0.2750000059604645},{"id":"https://openalex.org/C13159133","wikidata":"https://www.wikidata.org/wiki/Q365674","display_name":"Security engineering","level":5,"score":0.2694000005722046},{"id":"https://openalex.org/C67674302","wikidata":"https://www.wikidata.org/wiki/Q730573","display_name":"Organizational culture","level":2,"score":0.2606000006198883},{"id":"https://openalex.org/C114869243","wikidata":"https://www.wikidata.org/wiki/Q133735","display_name":"Security through obscurity","level":5,"score":0.2596000134944916},{"id":"https://openalex.org/C2909264111","wikidata":"https://www.wikidata.org/wiki/Q740419","display_name":"Financial Audit","level":3,"score":0.25929999351501465},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.25859999656677246},{"id":"https://openalex.org/C2777111884","wikidata":"https://www.wikidata.org/wiki/Q12002092","display_name":"Social security","level":2,"score":0.25850000977516174},{"id":"https://openalex.org/C18762648","wikidata":"https://www.wikidata.org/wiki/Q42213","display_name":"Work (physics)","level":2,"score":0.2574000060558319},{"id":"https://openalex.org/C27415008","wikidata":"https://www.wikidata.org/wiki/Q7256382","display_name":"Psychological intervention","level":2,"score":0.25429999828338623},{"id":"https://openalex.org/C2778223634","wikidata":"https://www.wikidata.org/wiki/Q224952","display_name":"Suspect","level":2,"score":0.25130000710487366}],"mesh":[],"locations_count":3,"locations":[{"id":"doi:10.1145/3773002.3774811","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3773002.3774811","pdf_url":null,"source":null,"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the Central and Eastern European eDem and eGov Days 2025","raw_type":"proceedings-article"},{"id":"pmh:oai:tudasportal.uni-nke.hu:20.500.12944/109904","is_oa":true,"landing_page_url":"http://hdl.handle.net/20.500.12944/109904","pdf_url":"https://tudasportal.uni-nke.hu/xmlui/bitstream/20.500.12944/109904/1/3773002.3774811-Beyond_technology.pdf","source":{"id":"https://openalex.org/S7407055284","display_name":"K\u00f6zszolg\u00e1lati Tud\u00e1sport\u00e1l","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"repository"},"license":"other-oa","license_id":"https://openalex.org/licenses/other-oa","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"info:eu-repo/semantics/other"},{"id":"pmh:oai:real.mtak.hu:235049","is_oa":false,"landing_page_url":null,"pdf_url":null,"source":{"id":"https://openalex.org/S4306400081","display_name":"Repository of the Academy's Library (Library of the Hungarian Academy of Sciences)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I4210140733","host_organization_name":"Library and Information Centre of the Hungarian Academy of Sciences","host_organization_lineage":["https://openalex.org/I4210140733"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"info:eu-repo/semantics/bookPart"}],"best_oa_location":{"id":"doi:10.1145/3773002.3774811","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3773002.3774811","pdf_url":null,"source":null,"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the Central and Eastern European eDem and eGov Days 2025","raw_type":"proceedings-article"},"sustainable_development_goals":[{"id":"https://metadata.un.org/sdg/16","score":0.40563562512397766,"display_name":"Peace, Justice and strong institutions"}],"awards":[],"funders":[{"id":"https://openalex.org/F4320335908","display_name":"Nemzeti Kutat\u00e1si, Fejleszt\u00e9si \u00e9s Innovaci\u00f3s Alap","ror":null}],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":15,"referenced_works":["https://openalex.org/W112931184","https://openalex.org/W2294662036","https://openalex.org/W2944809083","https://openalex.org/W2948021903","https://openalex.org/W2976990364","https://openalex.org/W3186581807","https://openalex.org/W3191656082","https://openalex.org/W4283814828","https://openalex.org/W4297035157","https://openalex.org/W4378373707","https://openalex.org/W4389544999","https://openalex.org/W4392667464","https://openalex.org/W4403970871","https://openalex.org/W4404706792","https://openalex.org/W4406088251"],"related_works":[],"abstract_inverted_index":{"This":[0],"study":[1,180],"examines":[2],"cybersecurity":[3],"vulnerabilities,":[4],"with":[5,54],"a":[6,14,18,24,104,112,192,199,203],"particular":[7],"emphasis":[8],"on":[9],"the":[10,32,44,51,55,87,108,115,122,136,159,168,179,183],"human":[11,184],"factor,":[12],"through":[13],"phishing":[15,46],"simulation":[16],"and":[17,37,58,83,150,165,202],"physical":[19],"security":[20,33,123,140,171],"audit":[21,67],"conducted":[22],"within":[23],"Hungarian":[25],"organization.":[26],"The":[27,65,133,153],"objective":[28],"was":[29,96,111],"to":[30,40,121,145,161],"evaluate":[31],"awareness":[34,172],"of":[35,50,117,128,170,194,206],"employees":[36,100],"their":[38,62],"responses":[39],"genuine":[41],"threats.":[42],"Throughout":[43],"three-day":[45],"campaign,":[47,109],"over":[48],"half":[49],"participants":[52],"engaged":[53],"deceptive":[56],"email,":[57],"nearly":[59],"one-third":[60],"disclosed":[61],"company":[63],"credentials.":[64],"on-site":[66],"identified":[68],"more":[69],"than":[70],"fifty":[71],"significant":[72],"vulnerabilities":[73],"across":[74],"eight":[75],"risk":[76],"categories,":[77],"including":[78],"unsecured":[79],"data":[80],"storage":[81],"devices":[82],"visible":[84],"passwords.":[85],"Although":[86],"demographic":[88],"analysis":[89],"did":[90],"not":[91,187],"reveal":[92],"notable":[93],"differences,":[94],"it":[95],"observed":[97],"that":[98,138,167,182],"younger":[99],"(ages":[101],"20\u201334)":[102],"showed":[103],"higher":[105],"susceptibility.":[106],"Following":[107],"there":[110],"rise":[113],"in":[114],"number":[116],"suspicious":[118],"reports":[119],"submitted":[120],"department,":[124],"indicating":[125],"an":[126,174],"enhancement":[127],"security-conscious":[129],"behavior":[130],"among":[131],"staff.":[132],"findings":[134],"underscore":[135],"notion":[137],"information":[139],"resilience":[141],"is":[142,173],"intrinsically":[143],"linked":[144],"organizational":[146,207],"culture,":[147],"employee":[148],"behavior,":[149],"everyday":[151],"practices.":[152],"research":[154],"provided":[155],"practical":[156],"insights,":[157],"enabling":[158],"organization":[160],"implement":[162],"targeted":[163],"interventions":[164],"demonstrating":[166],"development":[169],"ongoing":[175],"learning":[176],"process.":[177],"Ultimately,":[178],"asserts":[181],"factor":[185],"should":[186],"only":[188],"be":[189],"regarded":[190],"as":[191,198],"source":[193],"error":[195],"but":[196],"also":[197],"developable":[200],"competency":[201],"crucial":[204],"element":[205],"defense.":[208]},"counts_by_year":[],"updated_date":"2026-02-21T06:11:54.161237","created_date":"2026-02-20T00:00:00"}