Abstract
Cybersecurity breaches are a serious threat to economies and organisations across the globe in the digital landscape of today. Phishing attacks are one of the most common ways that these threats infiltrate businesses as they have developed into sophisticated strategies that make use of compromised accounts and exploit legitimate credentials for advanced attacks like lateral phishing. This paper investigates the processes employed by security practitioners in verifying the identity of account owners when suspecting a compromised account. Through semi-structured interviews with 13 cybersecurity professionals, we report on how practitioners are using diverse strategies for contacting suspected employees, including direct and indirect contact through line managers. We discuss the complexities in communication strategies during security incidents.
| Original language | English |
|---|---|
| Title of host publication | Proceedings of BCS HCI 2024 |
| DOIs | |
| Publication status | Published (VoR) - 1 Jul 2024 |