Effectiveness of social engineering awareness training in mitigating spear phishing risks in financial institutions from a cybersecurity perspective

Victoria Bukky Ayoola 1, *, Ugoaghalam Uche James 2, Idoko Peter Idoko 3, Onuh Matthew Ijiga 4 and Toyosi Motilola Olola 5

1 Department of Environmental Science and Resource Management, National Open University of Nigeria, Lokoja, Kogi State, Nigeria.
2 Department of Computer Information Systems, Faculty of Computer Engineering, Prairie View A&M University, Prairie View, Texas, USA.
3 Department of Electrical/Electronic Engineering, University of Ibadan, Nigeria.
4 Department of Physics, Joseph Sarwuan Tarka University, Makurdi, Nigeria.
5 Department of Communications, University of North Dakota, Grand Forks, USA.
 
Review Article
Global Journal of Engineering and Technology Advances, 2024, 20(03), 094–117.
Article DOI: 10.30574/gjeta.2024.20.3.0164
Publication history: 
Received on 24 July 2024; revised on 03 September 2024; accepted on 06 September 2024
 
Abstract: 
Spear phishing remains a critical cybersecurity threat to financial institutions, where attackers exploit human vulnerabilities to breach sensitive systems. This review paper explores the effectiveness of social engineering awareness training programs in reducing spear phishing risks within the financial sector from a cybersecurity perspective. By analyzing existing research, the paper assesses various training approaches, focusing on elements such as content relevance, delivery methods, and employee engagement. The review highlights how targeted awareness programs can enhance employees' ability to recognize and respond to phishing attempts, thereby strengthening overall cybersecurity defenses. The findings emphasize the importance of continuous, specialized training in fostering a proactive security culture and offer recommendations for optimizing awareness strategies to bolster cybersecurity resilience in financial institutions.
 
Keywords: 
Spear Phishing; Social Engineering; Cybersecurity Awareness Training; Financial Institutions; Phishing Mitigation; Employee Training; Security Culture; Cybersecurity Resilience; Human Vulnerabilities; Phishing Defense Strategies
 