An exploratory study about the impact of phishing attacks on online financial institutions in the UAE

Hussain, Fehmida ORCID logoORCID: https://orcid.org/0000-0003-3567-0955 and Shabaan, Youssef (2015) An exploratory study about the impact of phishing attacks on online financial institutions in the UAE. In: ERPBSS 2015: Third International Conference on Emerging Research Paradigms in Business and Social Sciences, 24-26 Nov 2015, Dubai, UAE. . [Conference or Workshop Item]

Abstract

In recent years, significant evolution of internet technology has created an opportunity for financial institutions to provide easy access and convenience to banking services for their customers. Online banking services have been found since the early 1980’s with the aim of empowering banking customers with the ability to access their banking accounts and perform a variety of financial transactions from anywhere, at any time (Shannak, 2013). Although, the adoption of online banking has significantly increased over the past years, so has the daily risks and threats associated with this adoption where online banking customers are considered the weakest link in the security best practice chain. Therefore, in order to protect and secure online banking customers from these cyber threats, security control enforcement mechanisms must be in place and the financial institutions should provide guidelines to their customers to in avoiding such threats.
This paper uses exploratory research method to assess the impact of phishing attacks and the threats it poses to online banking services. In addition, the importance of carrying out the vulnerability assessment based on short period interval scanning over other methods is also evaluated. Qualitative data was collected via open ended interviews with seven security professionals within financial institutions in the UAE.
The analysis of the qualitative data shows the gap between financial institutions and online banking services regarding security awareness techniques and delivery methods. This gap further gives rise to a lack of sharing and revealing security breach information by financial institutions to the communities, negatively spreading the attack impact to other financial institutions. Also, the non-expected threats, such as insider threats which are overlooked by many financial institutions, disclose sensitive information which may be used to manipulate the customer's financial accounts leading to severe consequences.

Item Type: Conference or Workshop Item (Presentation)
Sustainable Development Goals:
Theme:
Research Areas: A. > School of Science and Technology > Computer Science
Item ID: 35782
Depositing User: Fehmida Hussain
Date Deposited: 06 Sep 2022 09:15
Last Modified: 18 Nov 2022 16:16
URI: https://eprints.mdx.ac.uk/id/eprint/35782

Actions (login required)

View Item View Item

Statistics

Activity Overview
6 month trend
0Downloads
6 month trend
0Hits

Additional statistics are available via IRStats2.