Pretexting

Pretexting is a type of social engineering attack that involves a situation, or pretext, created by an attacker in order to lure a victim into a vulnerable situation and to trick them into giving private information, specifically information that the victim would typically not give outside the context of the pretext.^[1] In its history, pretexting has been described as the first stage of social engineering, and has been used by the FBI to aid in investigations.^[2] A specific example of pretexting is reverse social engineering, in which the attacker tricks the victim into contacting the attacker first.

A reason for pretexting's prevalence among social engineering attacks is its reliance on manipulating the human mind in order to gain access to the information the attacker wants, versus having to hack a technological system. When looking for victims, attackers can watch out for a variety of characteristics, such as ability to trust, low perception of threat, response to authority, and susceptibility to react with fear or excitement in different situations.^[3]^[4] Throughout history, pretexting attacks have increased in complexity, having evolved from manipulating operators over the phone in the 1900s to the Hewlett Packard scandal in the 2000s, which involved the use of social security numbers, phones, and banks.^[5] Current education frameworks on social engineering are used in organizations, although researchers in academia have suggested possible improvements to those frameworks.^[6]

Background

Social engineering

Social engineering is a psychological manipulation tactic that leads to the unwilling or unknowing response of the target/victim.^[7] It is one of the top information security threats in the modern world, affecting organizations, business management, and industries.^[7] Social engineering attacks are considered difficult to prevent due to its root in psychological manipulation.^[8] These attacks can also reach a broader scale. In other security attacks, a company that holds customer data might be breached. With social engineering attacks, both the company (specifically workers within the company) and the customer directly are susceptible to being targeted.^[8]

An example would be in the banking industry, where not only bank employees can be attacked, but the customers as well. Social engineering culprits directly target customers and/or employees to work around trying to hack a purely technological system and exploit human vulnerabilities.^[8]

Though its definition in relation to cybersecurity has been skewed across different literature, a common theme is that social engineering (in cybersecurity) exploits human vulnerabilities in order to breach entities such as computers and information technology.^[2]

Social engineering has little literature and research done on it currently. However, a main part of the methodology when researching social engineering is to set up a made-up pretext. When assessing which social engineering attacks are the most dangerous or harmful, (ie. phishing, vishing, water-holing), the type of pretext is a largely insignificant factor, seeing as some attacks can have multiple pretexts. Thus, pretexting itself is widely used, not just as its own attack, but as a component of others.^[9]

Pretexting in the timeline of social engineering

In cybersecurity, pretexting can be considered one of the earliest stages of evolution for social engineering. For example, while the social engineering attack known as phishing relies on modern items such as credit cards and mainly occurs in the electronic space, pretexting was and can be implemented without technology.^[10]

Pretexting was one of the first examples of social engineering. Coined by the FBI in 1974, the concept of pretexting was often used to help in their investigations. In this phase, pretexting consisted of an attacker calling the victim simply asking for information.^[2] Pretexting attacks usually consist of persuasion tactics. After this beginning phase of social engineering's evolution (1974-1983), pretexting changed from not only persuasion tactics, but deception tactics as well. As technology developed, pretexting methods developed alongside it. Soon, hackers had access to a wider audience of victims due to the invention of social media.^[2]

Reverse social engineering

Reverse social engineering is a more specific example of pretexting.^[11] It is a non-electronic form of social engineering where the attacker creates a pretext where the user is manipulated into contacting the attacker first, versus the other way around.

Typically, reverse engineering attacks involve the attacker advertising their services as a type of technical aid, establishing credibility. Then, the victim is tricked into contacting the attacker after seeing advertisements, without the attacker directly contacting the victim in the first place. Once an attacker successfully accomplishes a reverse social engineering attack, then a wide range of social engineering attacks can be established due to the falsified trust between the attacker and the victim (for example, the attacker can give the victim a harmful link and say that it is a solution to the victim's problem. Due to the connection between the attacker and the victim, the victim will be inclined to believe the attacker and click on the harmful link).^[12]

Social aspect

Pretexting was and continues to be seen as a useful tactic in social engineering attacks. According to researchers, this is because they don't rely on technology (such as hacking into computer systems or breaching technology). Pretexting can occur online, but it is more reliant on the user and the aspects of their personality the attacker can utilize to their advantage. ^[13] Attacks that are more reliant on the user are harder to track and control, as each person responds to social engineering and pretexting attacks differently. Directly attacking a computer, however, can take less effort to solve, since computers relatively work in similar ways.^[13] There are certain characteristics of users that attackers pinpoint and target. In academia, some common characteristics^[14] are:

Prized

If the victim is "prized", it means that he/she has some type of information that the social engineer desires.^[3]

Ability to trust

Trustworthiness goes along with likability, as typically the more someone is liked, the more they are trusted.^[14] Similarly, when trust is established between the social engineer (the attacker) and the victim, credibility is also established. Thus, it is easier for the victim to divulge personal information to the attacker if the victim is more easily able to trust.^[4]

Susceptibility to react

How easily a person reacts to events and to what degree can be used in a social engineer's favor. Particularly, emotions like excitement and fear are often used to persuade people to divulge information. For example, a pretext could be established wherein the social engineer teases an exciting prize for the victim if they agree to give the social engineer their banking information. The feeling of excitement can be used to lure the victim into the pretext and persuade them to give the attacker the information being sought after.^[14]

Low perception of threat

Despite understanding that threats exist when doing anything online, most people will perform actions that are against this, such as clicking on random links or accepting unknown friend requests.^[14] This is due to a person perceiving the action as having a low threat or negative consequence. This lack of fear/threat, despite an awareness of its presence, is another reason why social engineering attacks, especially pretexting, are prevalent.^[15]

Response to authority

If the victim is submissive and compliant, then an attacker is more likely to be successful in the attack if a pretext is set where the victim thinks the attacker is posed as some type of authoritative figure.^[14]

Examples throughout history

Early pretexting (1970-80s)

The October 1984 article Switching centres and Operators detailed a common pretexting attack at the time. Attackers would often contact operators who specifically operated for deaf people using Teletypewriters. The logic was that these operators were often more patient than regular operators, so it was easier to manipulate and persuade them for the information the attacker desired. ^[2]

Recent examples

The most notable is the Hewlett Packard scandal. The company Hewlett Packard wanted to know who was leaking out information to journalists. In order to do so, they provided private investigators with employees' personal information (such as social security numbers), and the private investigators in turn called phone companies impersonating those employees in hopes of obtaining call records. When the scandal was discovered, the CEO resigned. ^[16]

In general, socialbots are machine-operated fake social media profiles employed by social engineering attackers. On social media sites like Facebook, socialbots can be used to send mass friend requests in order to find as many potential victims as possible.^[5] Using reverse social engineering techniques, attackers can use socialbots to gain massive amounts of private information on many social media users.^[17]

Current education frameworks

Current education frameworks on the topic of social engineering fall in between two categories: awareness and training. Awareness is when the information about social engineering is presented to the intended party to inform them about the topic. Training is specifically teaching necessary skills that people will learn and use in case they are in a social engineering attack or can encounter one.^[6] Awareness and training can be combined into one intensive process when constructing education frameworks.

While research has been done on the successfulness and necessity of training programs in the context of cybersecurity education^[18], up to 70% of information can be lost when it comes to social engineering training.^[19] A research study on social engineering education in banks across the Asian Pacific, it was found that most frameworks only touched upon either awareness or training. Also, the only type of social engineering attack that was taught was phishing. By looking at and comparing the security policies on these banks' websites, the policies contain generalized language such as "malware" and "scams", while also missing the details behind the different types of social engineering attacks and examples of each one of those types.^[6]

This generalization does not benefit the users being educated by these frameworks, as there is considerable depth missing when the user is only educated on broad terms like the examples above. As well, purely technical methods of combatting against social engineering and pretexting attacks, such as firewalls and antiviruses, are ineffective. This is because social engineering attacks typically involve exploiting the social characteristic of human nature, thus purely combatting technology is ineffective.^[20]

Article: Information Privacy: (Information privacy)

I chose to evaluate this article because it is relevant to my work for my lab.

Lead

Guiding questions

Does the Lead include an introductory sentence that concisely and clearly describes the article's topic?
Does the Lead include a brief description of the article's major sections?
Does the Lead include information that is not present in the article?
Is the Lead concise or is it overly detailed?

The lead to my article is very concise and answers all the points above. It also links to other topics that the lead mentioned that the user might not be familiar with, giving them the opportunity to read up on such topics before perhaps diving into the article further.

Content

Guiding questions

Is the article's content relevant to the topic?
Is the content up-to-date?
Is there content that is missing or content that does not belong?
Does the article deal with one of Wikipedia's equity gaps? Does it address topics related to historically underrepresented populations or topics?

Content evaluation: The content of this article is very well-written, and addresses multiple aspects of information privacy that would overall give the reader a good understanding of the topic as a whole, such as examples of information privacy concerns, laws put in place to protect information privacy, and examples of information types (education, political, healthcare, etc.). I see that in the references, the author uses sources that are from as recent as 2018, which was 2 years ago. I am unsure if this constitutes being extremely out-of-date, but there are some articles that date back to the early 2000s. I would suggest finding more recent information on these topics, especially when talking about laws or policies that might have changed.

Tone and Balance

Guiding questions

Is the article neutral?
Are there any claims that appear heavily biased toward a particular position?
Are there viewpoints that are overrepresented, or underrepresented?
Does the article attempt to persuade the reader in favor of one position or away from another?

Tone and balance evaluation: I see no immediate biases in the article, and it seems fairly neutral. Exaggerated phrases such as "greatly" are used in a neutral context when describing how varied legality of information privacy is around the world, rather than to assert a specific position. The article does not attempt to persuade the reader in a certain direction.

Sources and References

Guiding questions

Are all facts in the article backed up by a reliable secondary source of information?
Are the sources thorough - i.e. Do they reflect the available literature on the topic?
Are the sources current?
Are the sources written by a diverse spectrum of authors? Do they include historically marginalized individuals where possible?
Check a few links. Do they work?

Sources and references evaluation: There are a fair amount of sources that back up the points made in the article, and all the sources are relevant to the topic. I do, however, see a few articles from sources such as The New York Times, which can be a biased source, unlike a peer-reviewed academic journal. However, I don't believe this source was used to prove a point in the article, but rather used to provide differing opinions about a topic mentioned in the article. The few links I checked worked.

Organization

Guiding questions

Is the article well-written - i.e. Is it concise, clear, and easy to read?
Does the article have any grammatical or spelling errors?
Is the article well-organized - i.e. broken down into sections that reflect the major points of the topic?

Organization evaluation: The article is well-written and easy to read, although some topics mentioned might be hard to understand if someone came in without any knowledge of the topic. The article was broken down into parts well, but I don't know if those parts were organized in the best way. I was confused about the "United States Safe Harbor program and passenger name record issues" section, and I believe that was the one section in this article that seemed out-of-place. Also, the Authorities section should not have been first in my opinion, but rather the section that described different types of information, as the amount of hyperlinks with no descriptions in the Authorities section seemed a bit daunting.

Images and Media

Guiding questions

Does the article include images that enhance understanding of the topic?
Are images well-captioned?
Do all images adhere to Wikipedia's copyright regulations?
Are the images laid out in a visually appealing way?

Images and media evaluation: There are no images to evaluate. The article could improve with more images and visualizations, especially for people who aren't well-educated on the topic.

Checking the talk page

Guiding questions

What kinds of conversations, if any, are going on behind the scenes about how to represent this topic?
How is the article rated? Is it a part of any WikiProjects?
How does the way Wikipedia discusses this topic differ from the way we've talked about it in class?

Talk page evaluation: I see conversations happening about removing certain language in the article because it seemed to give-off the impression of being an opinion, rather than a fact. There's some explicit language going on in the conversations, but it is used in casual conversation rather than being an insult. The article is a part of WikiProjects Computing.

Overall impressions

Guiding questions

What is the article's overall status?
What are the article's strengths?
How can the article be improved?
How would you assess the article's completeness - i.e. Is the article well-developed? Is it underdeveloped or poorly developed?

Overall evaluation: Overall, the article is pretty solid information and neutrality-wise. I think the article is well-developed, although as I mentioned the inclusion of certain sections seemed a bit distracting, but those sections were overall well-written.

Article: Spoofing Attack: (Spoofing attack)

I chose to evaluate this article because it is relevant to my work for my lab, and it will help me practice evaluating an article in Wikipedia.

Lead

Guiding questions

Does the Lead include an introductory sentence that concisely and clearly describes the article's topic?
Does the Lead include a brief description of the article's major sections?
Does the Lead include information that is not present in the article?
Is the Lead concise or is it overly detailed?

The lead to my article is a simple, singular sentence that describes the topic of the article very concisely. To a person unaware of the topic beforehand, it was easy to understand and not overly-detailed. There is a contexts box that shows the article's sections, but within the writing of the lead itself there is no mention of the article's main sections, which might be an improvement that needs to be made.

Content

Guiding questions

Is the article's content relevant to the topic?
Is the content up-to-date?
Is there content that is missing or content that does not belong?
Does the article deal with one of Wikipedia's equity gaps? Does it address topics related to historically underrepresented populations or topics?

Content evaluation: The content is relevant to the topic, and a majority of the sources are relatively up-to-date, but there are a few older articles that seem out-dated. However, these articles were used as sources to define terms, and I don't think the definition of such terms would need updating from how they were defined years ago. But then again, it's always important to check. My concern comes with the fact that there is an entire section of examples of spoofing that have no sources attached to them. There needs to be sources for those sections as they seem to describe factual information, but there is nowhere to trace whether that information is actually accurate.

Tone and Balance

Guiding questions

Is the article neutral?
Are there any claims that appear heavily biased toward a particular position?
Are there viewpoints that are overrepresented, or underrepresented?
Does the article attempt to persuade the reader in favor of one position or away from another?

Tone and balance evaluation: There seems to be no immediate-biases present in the article. There are a great deal of examples provided to give context of the statements the author made, but no side seems overly or underly represented. I don't believe the article is trying to persuade the reader one way or the other.

Sources and References

Guiding questions

Are all facts in the article backed up by a reliable secondary source of information?
Are the sources thorough - i.e. Do they reflect the available literature on the topic?
Are the sources current?
Are the sources written by a diverse spectrum of authors? Do they include historically marginalized individuals where possible?
Check a few links. Do they work?

Sources and references evaluation: I feel that there are too little sources in this article in the context of the sections the author wrote. There are 4-5 sections after the lead that go without proper sources, and are instead linked to other Wikipedia articles. Does this count as reliable sourcing? I am unsure about that. However, the article's actual sources don't appear until a little less than half-way into the article. The sources are definitely diverse, but there are a few news articles that aren't the most accurate, unbiased sources of information. The links work.

Organization

Guiding questions

Is the article well-written - i.e. Is it concise, clear, and easy to read?
Does the article have any grammatical or spelling errors?
Is the article well-organized - i.e. broken down into sections that reflect the major points of the topic?

Organization evaluation: The organization of the article seems logical, I think the sections that are broken down well, but I feel that the diversity in the sections is a bit monotone. All the sections are examples of spoofing, and I'm unsure if there could be any other more-diverse sections, such as implications, that would give the article more. However, the sections were split cleanly and they were well-informed. There are no noticeable spelling errors/grammar errors.

Images and Media

Guiding questions

Does the article include images that enhance understanding of the topic?
Are images well-captioned?
Do all images adhere to Wikipedia's copyright regulations?
Are the images laid out in a visually appealing way?

Images and media evaluation: There are no images to evaluate. The article could improve with more images and visualizations, especially for people who aren't well-educated on the topic.

Checking the talk page

Guiding questions

What kinds of conversations, if any, are going on behind the scenes about how to represent this topic?
How is the article rated? Is it a part of any WikiProjects?
How does the way Wikipedia discusses this topic differ from the way we've talked about it in class?

Talk page evaluation: The conversations in the talk page are minimal, but there was one comment that suggested the user edit the lead to make it more understandable than what it previously was, and the author definitely followed through. They were also asked to clarify some general words, like "last summer". This is under the WikiProjects Computer Security.

Overall impressions

Guiding questions

What is the article's overall status?
What are the article's strengths?
How can the article be improved?
How would you assess the article's completeness - i.e. Is the article well-developed? Is it underdeveloped or poorly developed?

Overall evaluation: Overall, the article is informative. I think it was broken down well and easy to understand. Perhaps more sections could be made that aren't just examples of Spoofing, and more reliable sources could be used rather than just hyperlinking other Wiki articles.

Article Feedback (Leadership)

Great start to your article! I think that the organization is great so far, and I especially like how you started with a background section. The article maintains a neutral tone, and it also appears balanced so far with the 3 subsections. Your article only uses 3 sources, but you need to include all 20 of the sources from your annotated bibliography in your article. Your citations in the subsections are great, and I think that you incorporated information from your research well, and the article is easy to follow.

Here are some suggestions:

The lead currently does not have any citations. I would add some, especially after the first sentence.
You can remove “As a background” from the lead.
Add more hyperlinks throughout the article, for example “social engineering” in the first sentence.
Subsections need to be formatted as Headings.

More Feedback:

- Great progress! I would bold the first word in the lead.

- Great job incorporating information from your sources, make sure to add information from all 20 sources

- I would also suggest adding an image

- I would also suggest adding more examples in the historical examples section.

- I would also consider writing about ways of protecting oneself against these attacks.

Additional suggestions:

- In the lead section, add a sentence or two of an example of where we see pretexting. That gives a better picture for the audience.

- In the Social aspect, add a brief description or definition of the three bullet points to add more depth to the article.

- Add more hyperlinks in the article, that will ensure that the article can be accessed through other articles and it also gives an idea of what common topics appears with pretexting

Peer review: jameswang323

Lead

The lead section is concise and covers what pretexting is, good job!

Content

I'm not sure, but I don't see any content for Reverse social engineering, Possible training frameworks, and Comparison to other social engineering attacks, are you planning to add these contents? Overall, the content is great for the parts written.

Tone and Balance

The tone is neutral and no bias is in the article, good job!

Sources and References

Right now you only have 7 sources. You should include 13 more sources. for the sources used, they seem up-to-date and are relevant to at the article. For example phishing and social engineering articles are related to your topics.

Organization

The organization of the article is good so far. I would consider moving the examples throughout history part under specific categories or headings. This way, your article will be more coherent maybe. As you add more content, consider dividing topics into subheadings as well.

Overall impressions

Your article draft looks good so far! I would consider adding more contents in training frameworks, reverse social engineering, and comparison to other attacks. I would also link to other articles and consider adding images. Good job so far!

Peer review (Showtime oski)

Lead

The lead and its introductory sentence are concise and clearly written. You hint at the main sections of your article, although you can probably expand on "Examples of pretexting also vary in different eras." (But not too much, just give the general idea.)

Content

The content is relevant and up-to-date. There is no content that is missing or that does not belong. It does address how attackers tried to take advantage of operators who worked with deaf people, which is an underrepresented group.

Tone and Balance

The content is neutral in tone. There are no claims that appear heavily biased toward a particular position. There are no viewpoints that over- or under- represented.

Copy-edit:

"The simplest explanation of pretexting in this phase is when someone called you and asks you for your information or asks you to do something."

You can make this sentence more concise (also, the use of second person makes the article a bit more informal). Change "called" to "calls," and delete the second "asks you".

Sources and References

The sources are current, with the most recent being published in 2020, and the oldest in 2008. They are peer-reviewed journal articles. Two of the links work for me, but the Workman link doesn't -- it says "This page isn't working, onlinelibrary.wiley.com redirected you too many times. Try clearing your cookies."

Organization

The content is well-written and easy to read. It does not contain any grammatical or spelling errors. It is well-organized -- you were very thoughtful in how you planned the outline of sections and subsections. Good job!

Copy-edit:

In your "Social Aspect of Pretexting section, in the phrase "Pretexting was and is continued to be seen as a useful tactic in social engineering attacks," change "continued" to "continues". Also, who continues to see it as a useful tactic? The FBI? Crooks?

Overall impressions

Your article draft is great! You stick to the facts, don't make any biased claims, or overrepresent or underrepresent any sides. You have a clear, logical order to your sections. Try to incorporate some more sources when you further expand your article. Keep up the good work!

Peer review (Brian)

This is where you will complete your peer review exercise. Please use the following template to fill out your review.

General info

Whose work are you reviewing? (provide username)HanMiKC
Link to draft you're reviewing: User:HanMiKC/sandbox

Lead

Guiding questions:

Has the Lead been updated to reflect the new content added by your peer?
Does the Lead include an introductory sentence that concisely and clearly describes the article's topic?
Does the Lead include a brief description of the article's major sections?
Does the Lead include information that is not present in the article?
Is the Lead concise or is it overly detailed?

Lead evaluation

The lead does include introductory sentences to the topic but does not give a brief description of the article's main sections.

Content

Guiding questions:

Is the content added relevant to the topic?
Is the content added up-to-date?
Is there content that is missing or content that does not belong?
Does the article deal with one of Wikipedia's equity gaps? Does it address topics related to historically underrepresented populations or topics?

Content evaluation

The content are both relevant and up-to-date. There are no missing or irrelevant content, but there is only a brief overview of the major sections of the article.

Tone and Balance

Guiding questions:

Is the content added neutral?
Are there any claims that appear heavily biased toward a particular position?
Are there viewpoints that are overrepresented, or underrepresented?
Does the content added attempt to persuade the reader in favor of one position or away from another?

Tone and balance evaluation

The draft seems to be fairly unbiased and offers an overview on the subject of pretexting.

Sources and References

Guiding questions:

Is all new content backed up by a reliable secondary source of information?
Are the sources thorough - i.e. Do they reflect the available literature on the topic?
Are the sources current?
Are the sources written by a diverse spectrum of authors? Do they include historically marginalized individuals where possible?
Check a few links. Do they work?

Sources and references evaluation

All claims are backed by evidence and the sources are relatively recent.

Organization

Guiding questions:

Is the content added well-written - i.e. Is it concise, clear, and easy to read?
Does the content added have any grammatical or spelling errors?
Is the content added well-organized - i.e. broken down into sections that reflect the major points of the topic?

Organization evaluation

The content is clear and easy-to-read without notable grammatical errors. However, I feel that you should combine section 3 and 5 since they both exhibit current-day information.

Images and Media

Guiding questions: If your peer added images or media

Does the article include images that enhance understanding of the topic?
Are images well-captioned?
Do all images adhere to Wikipedia's copyright regulations?
Are the images laid out in a visually appealing way?

Images and media evaluation

The draft currently does not include images.

For New Articles Only

If the draft you're reviewing is a new article, consider the following in addition to the above.

Does the article meet Wikipedia's Notability requirements - i.e. Is the article supported by 2-3 reliable secondary sources independent of the subject?
How exhaustive is the list of sources? Does it accurately represent all available literature on the subject?
Does the article follow the patterns of other similar articles - i.e. contain any necessary infoboxes, section headings, and any other features contained within similar articles?
Does the article link to other articles so it is more discoverable?

New Article Evaluation

Overall impressions

Guiding questions:

Has the content added improved the overall quality of the article - i.e. Is the article more complete?
What are the strengths of the content added?
How can the content added be improved?

Overall evaluation

Overall, I think you have a good outline of your article. The next step is to just follow through on the outline.

Peer review (Nankingaszz)

General info

Whose work are you reviewing? (provide username)HanMiKC
Link to draft you're reviewing: User:HanMiKC/sandbox

Lead

Guiding questions:

Has the Lead been updated to reflect the new content added by your peer?
Does the Lead include an introductory sentence that concisely and clearly describes the article's topic?
Does the Lead include a brief description of the article's major sections?
Does the Lead include information that is not present in the article?
Is the Lead concise or is it overly detailed?

Lead evaluation

The lead is brief and has an introductory sentence about the article's sentence. However, the lead is a little bit too general and does not include a description for every content in the article.

Content

Guiding questions:

Is the content added relevant to the topic?
Is the content added up-to-date?
Is there content that is missing or content that does not belong?
Does the article deal with one of Wikipedia's equity gaps? Does it address topics related to historically underrepresented populations or topics?

Content evaluation

The content added are all relevant to the topic and up-to-date.There is no content which does not belong. There is no major content addressing underrepresented populations or topics.

Tone and Balance

Guiding questions:

Is the content added neutral?
Are there any claims that appear heavily biased toward a particular position?
Are there viewpoints that are overrepresented, or underrepresented?
Does the content added attempt to persuade the reader in favor of one position or away from another?

Tone and balance evaluation

The content added is neutral and not biased. There is no perusation directing the reader into one direction.

Sources and References

Guiding questions:

Is all new content backed up by a reliable secondary source of information?
Are the sources thorough - i.e. Do they reflect the available literature on the topic?
Are the sources current?
Are the sources written by a diverse spectrum of authors? Do they include historically marginalized individuals where possible?
Check a few links. Do they work?

Sources and references evaluation

The new are all backed up by reliable secondary source of information and current.

Organization

Guiding questions:

Is the content added well-written - i.e. Is it concise, clear, and easy to read?
Does the content added have any grammatical or spelling errors?
Is the content added well-organized - i.e. broken down into sections that reflect the major points of the topic?

Organization evaluation

The content added is well-written and easy to read: there are clear sub-titles about each section and they are organized in a logical way.

Images and Media

Guiding questions: If your peer added images or media

Does the article include images that enhance understanding of the topic?
Are images well-captioned?
Do all images adhere to Wikipedia's copyright regulations?
Are the images laid out in a visually appealing way?

Images and media evaluation

The article does not include images for now.

For New Articles Only

If the draft you're reviewing is a new article, consider the following in addition to the above.

Does the article meet Wikipedia's Notability requirements - i.e. Is the article supported by 2-3 reliable secondary sources independent of the subject?
How exhaustive is the list of sources? Does it accurately represent all available literature on the subject?
Does the article follow the patterns of other similar articles - i.e. contain any necessary infoboxes, section headings, and any other features contained within similar articles?
Does the article link to other articles so it is more discoverable?

New Article Evaluation

Overall impressions

Guiding questions:

Has the content added improved the overall quality of the article - i.e. Is the article more complete?
What are the strengths of the content added?
How can the content added be improved?

Overall evaluation

I think the content looks good for now, and to improve that more images can be added; having more sources and additional information might help improve the content.

First Draft Peer review (Bobalily)

General info

Whose work are you reviewing? (HanMiKC)
Link to draft you're reviewing: User:HanMiKC/sandbox

Lead

Guiding questions:

Has the Lead been updated to reflect the new content added by your peer?
Does the Lead include an introductory sentence that concisely and clearly describes the article's topic?
Does the Lead include a brief description of the article's major sections?
Does the Lead include information that is not present in the article?
Is the Lead concise or is it overly detailed?

Lead evaluation

The lead is accurate to the new content added, but can include a little on the history of the topic. It is concise and clear, and it does not include information that is not presented in the article. Since this is an addition an existing article, the lead added is concise and to the point.

Content

Guiding questions:

Is the content added relevant to the topic?
Is the content added up-to-date?
Is there content that is missing or content that does not belong?
Does the article deal with one of Wikipedia's equity gaps? Does it address topics related to historically underrepresented populations or topics?

Content evaluation

The content added is relevant to the topic as it covers the history, and some examples of the topic. It is also up-to-date as it is from current years 2008-2020. I think there is no content the does not belong, and since we are still in the early stage of creating the article, there should be more content added later on. I think it does not necessarily address topics related to underrepresented populations or topics and it might be difficult to find resources on that.

Tone and Balance

Guiding questions:

Is the content added neutral?
Are there any claims that appear heavily biased toward a particular position?
Are there viewpoints that are overrepresented, or underrepresented?
Does the content added attempt to persuade the reader in favor of one position or away from another?

Tone and balance evaluation

The content added is neutral and there are no claims that appear heavily biased towards a particular position. There are no viewpoints overrepresented or underrepresented. The content also does not attempt to persuade the reader in favour of one position or away from another.

Sources and References

Guiding questions:

Is all new content backed up by a reliable secondary source of information?
Are the sources thorough - i.e. Do they reflect the available literature on the topic?
Are the sources current?
Are the sources written by a diverse spectrum of authors? Do they include historically marginalized individuals where possible?
Check a few links. Do they work?

Sources and references evaluation

All the new content is backed up by a reliable secondary source of information. However, I think that adding citations in some sentences within a paragraph might be a good idea instead of only referencing it in the end so that no violations of copy right. The sources are also current ranging from 2008 to 2020. Since there is only three resources, I don't think I can comment on the diverse spectrum of authors. All the links work.

Organization

Guiding questions:

Is the content added well-written - i.e. Is it concise, clear, and easy to read?
Does the content added have any grammatical or spelling errors?
Is the content added well-organized - i.e. broken down into sections that reflect the major points of the topic?

Organization evaluation

The content is well-written as it is clear and concise. There is also no grammatical or spelling errors. A suggestion I would give is that maybe make use of subheadings instead of using lists (1. 2.), because it is rare to see lists in wikipedia or maybe it is just me.

Images and Media

Guiding questions: If your peer added images or media

Does the article include images that enhance understanding of the topic?
Are images well-captioned?
Do all images adhere to Wikipedia's copyright regulations?
Are the images laid out in a visually appealing way?

Images and media evaluation

No images.

For New Articles Only

If the draft you're reviewing is a new article, consider the following in addition to the above.

Does the article meet Wikipedia's Notability requirements - i.e. Is the article supported by 2-3 reliable secondary sources independent of the subject?
How exhaustive is the list of sources? Does it accurately represent all available literature on the subject?
Does the article follow the patterns of other similar articles - i.e. contain any necessary infoboxes, section headings, and any other features contained within similar articles?
Does the article link to other articles so it is more discoverable?

New Article Evaluation

Not a new article.

Overall impressions

Guiding questions:

Has the content added improved the overall quality of the article - i.e. Is the article more complete?
What are the strengths of the content added?
How can the content added be improved?

Overall evaluation

Overall, great job! The first draft needs more information included and resources since it is still pretty short. I really like how you had a concise lead and only referenced peer-reviewed scholarly articles and journals! It is a hard semester and it is very likely our first time writing an article to be published on wikipedia which is super exciting! Hope midterms are going well, and happy halloween!!

Peer Review (Madssnake)

(Week 8 review)

Lead

I like your lead and how it is both concise yet informative. I would say the first sentence is a bit hard to read smoothly (due to the appositive), so I would maybe break it into two parts or try and/or remove having an appositive. I also don’t think “as a background” is necessary for the lead because as readers we know what a lead entails (ie background info). Overall, though, I think you have a really good lead and give a good introduction to your following sections.

Content

I think you cover a good range of topics, from background to examples, and you also include recent relations to pretexting as well. I love the phrase “coined by the FBI…” :) If you have more modern examples, I think it would be good to add that because the article is a little heavy on the past.

copy edit: “Pretexting was and continues to be seen as a useful tactic in social engineering attacks, according to researchers, as it doesn’t rely on technology”

Tone and Balance

Your tone is neutral, and you don’t try to persuade the reader about anything. You also do a good job of keeping the amount of content per section consistent.

Sources and References

I like that you linked some Wikipedia pages in your article. I also saw that you had citations in each paragraph, but only 3. I’m assuming that you will incorporate the rest of your sources into your article, and don’t forget to cite information in your lead! It’s nice that you use both current sources and ones from a decade ago.

Organization

I think you organized the sections in a clear way that flows nicely. I would maybe check diction or word choice, because a few of your sentences are slightly longer than necessary, but that’s just in my opinion.

Overall impressions

Overall, I like your article and I was able to grasp a good understanding of your topic. I think once you add the rest of your sources, and maybe another modern example, your content would be good! This is also not as important, but make sure your headers only have the first word capitalized, and you don’t really need to repeat “pretexting” in the section headings (social aspect and examples throughout history would suffice). Good job! Madssnake (talk) 05:49, 13 November 2020 (UTC)

Peer Review (Nicholas 100000)

Lead

The lead has a concise and clear introductory sentence. The lead also prepares the reader well for the content that is ahead.

Content

The content seems to be up to date as there are some articles from 2020. However, I think you may define social engineering under social aspect of pretexting, but to me it is unclear. I would also like it if there was a definition, link, and examples of what are persuasion tactics and deception tactics. This is only my opinion, and I'm sure you have more to add.

Tone and Balance

the tone throughout is neutral.

Sources and References

I checked two links and they work. The sources are also from reliable sources. There are only three sources, so I am not sure what else to say.

Organization

The organization is clear and there were no grammatical or spelling errors I could find.

Images and Media

There are no images at the time of review.

Overall impressions

Overall, this is a strong and interesting start to an article. Right now there is only three sources cited, so I am sure that you have a lot more to say.

Peer Review (Lolabaylo)

General info

Whose work are you reviewing? HanMiKC
Link to draft you're reviewing: User:HanMiKC/sandbox

Lead

Guiding questions:

Has the Lead been updated to reflect the new content added by your peer? The Lead seems fleshed out and provides a succinct overview of pretexting.
Does the Lead include an introductory sentence that concisely and clearly describes the article's topic? Yes; the introductory sentence is informative, concise, and provides a good overview of pretexting.
Does the Lead include a brief description of the article's major sections? The Lead does touch upon sections presented later in the article, including the background/history of pretexting and examples of pretexting.
Does the Lead include information that is not present in the article? No.
Is the Lead concise or is it overly detailed? The Lead is concise and clear; it is not overly detailed.

Lead evaluation

The lead is concise and provides a good overview of pretexting. Make sure to cite the information in your Lead!

Content

Guiding questions:

Is the content added relevant to the topic? Yes - all content is related to pretexting.
Is the content added up-to-date? Yes - while the content largely focuses on the history of pretexting, it also discusses pretexting today on social media.
Is there content that is missing or content that does not belong? No - all content seems relevant and thorough. The addition of a few more sections could flesh out this article a bit more, however.
Does the article deal with one of Wikipedia's equity gaps? Does it address topics related to historically underrepresented populations or topics? No, it does not address topics related to historically underrepresented populations. However, it does focus on how people in general can be vulnerable to pretexting and unintentionally disclose private information to malicious actors online.

Content evaluation

The content is thorough and related to the topic of pretexting - good job!

Tone and Balance

Guiding questions:

Is the content added neutral? Content is neutral - there are no subjective statements.
Are there any claims that appear heavily biased toward a particular position? No.
Are there viewpoints that are overrepresented, or underrepresented? No.
Does the content added attempt to persuade the reader in favor of one position or away from another? No - the writing and content aims to inform, not persuade, the audience.

Tone and balance evaluation

Overall, the content is good - it's neutral, unbiased, and aims to inform objectively.

Sources and References

Guiding questions:

Is all new content backed up by a reliable secondary source of information? Most content is backed up with references. However, the Lead section does not include any citations/references, and there are very few citations throughout the article in general. Consider adding the rest of your citations from the annotated bibliography to strengthen the credibility of this article.
Are the sources thorough - i.e. Do they reflect the available literature on the topic? There are only three sources provided. Adding the rest of your citations would make your reference list more thorough and varied.
Are the sources current? Yes - two were published in the late 2010s and the other was published in the 2000s.
Are the sources written by a diverse spectrum of authors? Do they include historically marginalized individuals where possible? There are only three references provided, so there isn't much diversity of authors/sources.
Check a few links. Do they work? Yes.

Sources and references evaluation

Sources seem good. Adding your remaining sources from your annotated bibliography would strengthen the credibility of this article.

Organization

Guiding questions:

Is the content added well-written - i.e. Is it concise, clear, and easy to read? Yes - the content is easy to understand and concise.
Does the content added have any grammatical or spelling errors? No grammatical errors found.
Is the content added well-organized - i.e. broken down into sections that reflect the major points of the topic? The organization is intuitive - I like how the first section is opens with a background of pretexting and then jumps into specific examples of pretexting.

Organization evaluation

The content is clear, succinct, and well-organized!

Images and Media

Guiding questions: If your peer added images or media

Does the article include images that enhance understanding of the topic? N/A
Are images well-captioned? N/A
Do all images adhere to Wikipedia's copyright regulations? N/A
Are the images laid out in a visually appealing way? N/A

Images and media evaluation

N/A

Overall impressions

Guiding questions:

Has the content added improved the overall quality of the article - i.e. Is the article more complete? The content provides good detail on pretexting within the context of social engineering (which is the Wikipedia article HanMiKC is adding to).
What are the strengths of the content added? The content clearly and succinctly describes pretexting, and details the main types of pretexting.
How can the content added be improved? Adding more sources could help improve this article.

Overall evaluation

Overall, I this article contribution is really good! Consider adding more sources and sections to make it even more thorough.

Peer Review (Hiiisparks)

Lead

I think the lead contains the needed information to introduce the topic. I'm not too sure what "social engineering incorporated current-day technologies" means? Are you trying to say social engineering incorporated into current-day technologies? I also think you can go in depth with "calling operators to private investigators" to make it more clear how that demonstrates a transition o the progression of pretexting. I had to reread it many times in order to understand what you were trying to say, so it may come off as confusing to other readers. (Something like "Examples of pretexting progress as technology advances, and an example would be the need for calling operators evolving into the profession of private investigators,,,,,")

copy edit: "in order lure the victim"- change to "to lure a victim..."

copy edit: Delete "As a background" and change "as" to "to be"

Content

I liked how you included a history/background section as it provides good information to the readers about how pretexting come to be. I think you try to expand more on this (if there is information to do so) to talk about the progression of pretexting after the addition of deception tactics. The social aspect of pretexting was good as well since it lets the readers to know why pretexting is a preferred method. Of course adding more examples would also be nice as it gives the readers more to read about and to also see if there could be any real-life situations they could come across either personally or in the news, etc. I would also suggest adding to the social aspects and adding more sentences to back up and enhance your statement on how pretexting is seem as useful. This prevents the first sentence from being a bit misleading. You could also add a quote from a researcher or something.

Organization

It seems organized and theres not too much information in one section that could make it hard to read. Using numbers in the examples section is a good idea to keep your different examples separate and easy to read.

Tone and Balance

The tone is neutral, and the balance of information doesn't seem to be a problem. One suggestion is to try to write more directly and be more specific. Some of the sentences do not come off super clearly, so the readers do not have to infer the meaning.

copy edit: "pretexting changed to include not only persuasion tactics but also deception tactics." Need to be more clear here as before it made it seem like pretexting changed from both persuasion and deception tactics. Make sure to make your points clear to the reader!

Sources

There are a few sources, but since it is a smaller section of an article, there doesn't need to be that many. As you add more, just remember to cite your statements.

Overall Impressions

There's a lot of good information, and I feel like I learned something from reading your section. I know you will be continuing to add more, and this will help readers understand more of the specifics of pretexting instead of just a rough feeling of what it is. There is a lot of potential, and adding more will help strengthen it. Just be careful when explaining and reread your draft as you add more to make sure every sentence comes across very directly. You can try moving around the words in a sentence to see what sounds the best and what makes it less confusing fo the readers to understand sot hey do not have to read over and over. good job, and I look forward to seeing how your topic ends out on the main space! ~~~~

This is a user sandbox of HanMiKC. You can use it for testing or practicing edits.
This is not the sandbox where you should draft your assigned article for a dashboard.wikiedu.org course.
To find the right sandbox for your assignment, visit your Dashboard course page and follow the Sandbox Draft link for your assigned article in the My Articles section.

Get Help

^ Greitzer, F. L.; Strozer, J. R.; Cohen, S.; Moore, A. P.; Mundie, D.; Cowley, J. (2014-05). "Analysis of Unintentional Insider Threats Deriving from Social Engineering Exploits". 2014 IEEE Security and Privacy Workshops: 236–250. doi:10.1109/SPW.2014.39. {{cite journal}}: Check date values in: |date= (help)
^ ^a ^b ^c ^d ^e Wang, Zuoguang; Sun, Limin; Zhu, Hongsong (2020). "Defining Social Engineering in Cybersecurity". IEEE Access. 8: 85094–85115. doi:10.1109/ACCESS.2020.2992807. ISSN 2169-3536.
^ ^a ^b Steinmetz, Kevin F. (2020-09-07). "The Identification of a Model Victim for Social Engineering: A Qualitative Analysis". Victims & Offenders: 1–25. doi:10.1080/15564886.2020.1818658. ISSN 1556-4886.
^ ^a ^b Algarni, Abdullah (2019/6). "What Message Characteristics Make Social Engineering Successful on Facebook: The Role of Central Route, Peripheral Route, and Perceived Risk". Information. 10 (6): 211. doi:10.3390/info10060211. {{cite journal}}: Check date values in: |date= (help)CS1 maint: unflagged free DOI (link)
^ ^a ^b Paradise, Abigail; Shabtai, Asaf; Puzis, Rami (2019-09-01). "Detecting Organization-Targeted Socialbots by Monitoring Social Network Profiles". Networks and Spatial Economics. 19 (3): 731–761. doi:10.1007/s11067-018-9406-1. ISSN 1572-9427.
^ ^a ^b ^c Ivaturi, Koteswara; Janczewski, Lech (2013-10-01). "Social Engineering Preparedness of Online Banks: An Asia-Pacific Perspective". Journal of Global Information Technology Management. 16 (4): 21–46. doi:10.1080/1097198X.2013.10845647. ISSN 1097-198X.
^ ^a ^b Ghafir, Ibrahim; Saleem, Jibran; Hammoudeh, Mohammad; Faour, Hanan; Prenosil, Vaclav; Jaf, Sardar; Jabbar, Sohail; Baker, Thar (2018-10). "Security threats to critical infrastructure: the human factor". The Journal of Supercomputing. 74 (10): 4986–5002. doi:10.1007/s11227-018-2337-2. ISSN 0920-8542. {{cite journal}}: Check date values in: |date= (help)
^ ^a ^b ^c Airehrour, David; Nair, Nisha Vasudevan; Madanian, Samaneh (2018-05-03). "Social Engineering Attacks and Countermeasures in the New Zealand Banking System: Advancing a User-Reflective Mitigation Model". Information. 9 (5): 110. doi:10.3390/info9050110. ISSN 2078-2489.{{cite journal}}: CS1 maint: unflagged free DOI (link)
^ Bleiman, Rachel (2020). "An Examination in Social Engineering: The Susceptibility of Disclosing Private Security Information in College Students". doi:10.34944/dspace/365. {{cite journal}}: Cite journal requires |journal= (help)
^ Chin, Tommy; Xiong, Kaiqi; Hu, Chengbin (2018). "Phishlimiter: A Phishing Detection and Mitigation Approach Using Software-Defined Networking". IEEE Access. 6: 42516–42531. doi:10.1109/ACCESS.2018.2837889. ISSN 2169-3536.
^ Greitzer, Frank L.; Strozer, Jeremy R.; Cohen, Sholom; Moore, Andrew P.; Mundie, David; Cowley, Jennifer (2014-05). "Analysis of Unintentional Insider Threats Deriving from Social Engineering Exploits". 2014 IEEE Security and Privacy Workshops. San Jose, CA: IEEE: 236–250. doi:10.1109/SPW.2014.39. ISBN 978-1-4799-5103-1. {{cite journal}}: Check date values in: |date= (help)
^ Irani, Danesh; Balduzzi, Marco; Balzarotti, Davide; Kirda, Engin; Pu, Calton (2011). Holz, Thorsten; Bos, Herbert (eds.). "Reverse Social Engineering Attacks in Online Social Networks". Detection of Intrusions and Malware, and Vulnerability Assessment. Lecture Notes in Computer Science. Berlin, Heidelberg: Springer: 55–74. doi:10.1007/978-3-642-22424-9_4. ISBN 978-3-642-22424-9.
^ ^a ^b Heartfield, Ryan; Loukas, George (2018), Conti, Mauro; Somani, Gaurav; Poovendran, Radha (eds.), "Protection Against Semantic Social Engineering Attacks", Versatile Cybersecurity, vol. 72, Cham: Springer International Publishing, pp. 99–140, doi:10.1007/978-3-319-97643-3_4, ISBN 978-3-319-97642-6, retrieved 2020-10-29
^ ^a ^b ^c ^d ^e Workman, Michael (2007-12-13). "Gaining Access with Social Engineering: An Empirical Study of the Threat". Information Systems Security. 16 (6): 315–331. doi:10.1080/10658980701788165. ISSN 1065-898X.
^ Krombholz, Katharina; Merkl, Dieter; Weippl, Edgar (2012-12). "Fake identities in social media: A case study on the sustainability of the Facebook business model". Journal of Service Science Research. 4 (2): 175–212. doi:10.1007/s12927-012-0008-z. ISSN 2093-0720. {{cite journal}}: Check date values in: |date= (help)
^ Workman, Michael (2008). "Wisecrackers: A theory-grounded investigation of phishing and pretext social engineering threats to information security". Journal of the American Society for Information Science and Technology. 59 (4): 662–674. doi:10.1002/asi.20779. ISSN 1532-2882.
^ Boshmaf, Yazan; Muslukhov, Ildar; Beznosov, Konstantin; Ripeanu, Matei (2013-02-04). "Design and analysis of a social botnet". Computer Networks. Botnet Activity: Analysis, Detection and Shutdown. 57 (2): 556–578. doi:10.1016/j.comnet.2012.06.006. ISSN 1389-1286.
^ McCrohan, Kevin F.; Engel, Kathryn; Harvey, James W. (2010-06-14). "Influence of Awareness and Training on Cyber Security". Journal of Internet Commerce. 9 (1): 23–41. doi:10.1080/15332861.2010.487415. ISSN 1533-2861.
^ Ghafir, Ibrahim; Saleem, Jibran; Hammoudeh, Mohammad; Faour, Hanan; Prenosil, Vaclav; Jaf, Sardar; Jabbar, Sohail; Baker, Thar (2018-10-01). "Security threats to critical infrastructure: the human factor". The Journal of Supercomputing. 74 (10): 4986–5002. doi:10.1007/s11227-018-2337-2. ISSN 1573-0484.
^ Heartfield, Ryan; Loukas, George; Gan, Diane (2016). "You Are Probably Not the Weakest Link: Towards Practical Prediction of Susceptibility to Semantic Social Engineering Attacks". IEEE Access. 4: 6910–6928. doi:10.1109/ACCESS.2016.2616285. ISSN 2169-3536.

Review (Leadership)

Hi, great draft for the topic! I think your language is pretty clear and the structure is really nice. Personally, I like the section where you bring the examples in history into topic. That is really interesting to read. I also notice you have multiple citations and hyperlinks throughout the draft, which is great too. Please just make sure you have at least 20+ articles as resources by the time of final upload. Here are some specific suggestions:

In the sentence "lure a victim into a vulnerable situation and trick them into giving private information", the "victim" and "them" are not consistent.
For "Trustworthiness", "Susceptibility to react", and "Perception of threat", I think it might help with understanding if you give some definitions for these three terms.
For the "examples throughout history" section, I would recommend not to use "1", "2" to separate these examples, but instead, putting them into paragraphs or use the two examples as subtopic and put them under separate sub-headers.
I notice you also have a "reverse social engineering" section. I'm not sure what the content you will put into that section, but based on the title, it seems connected to "social engineering" under the "background" section to me. If it's not a very long paragraph, you could consider to include that under the "background" section as well.

In general, I think you have a well-structured draft with great details. Good job and good luck on your final upload!

[1] Greitzer, F. L.; Strozer, J. R.; Cohen, S.; Moore, A. P.; Mundie, D.; Cowley, J. (2014-05). "Analysis of Unintentional Insider Threats Deriving from Social Engineering Exploits". 2014 IEEE Security and Privacy Workshops: 236–250. doi:10.1109/SPW.2014.39. {{cite journal}}: Check date values in: |date= (help)

[:0-2] Wang, Zuoguang; Sun, Limin; Zhu, Hongsong (2020). "Defining Social Engineering in Cybersecurity". IEEE Access. 8: 85094–85115. doi:10.1109/ACCESS.2020.2992807. ISSN 2169-3536.

[:6-3] Steinmetz, Kevin F. (2020-09-07). "The Identification of a Model Victim for Social Engineering: A Qualitative Analysis". Victims & Offenders: 1–25. doi:10.1080/15564886.2020.1818658. ISSN 1556-4886.

[:7-4] Algarni, Abdullah (2019/6). "What Message Characteristics Make Social Engineering Successful on Facebook: The Role of Central Route, Peripheral Route, and Perceived Risk". Information. 10 (6): 211. doi:10.3390/info10060211. {{cite journal}}: Check date values in: |date= (help)CS1 maint: unflagged free DOI (link)

[:8-5] Paradise, Abigail; Shabtai, Asaf; Puzis, Rami (2019-09-01). "Detecting Organization-Targeted Socialbots by Monitoring Social Network Profiles". Networks and Spatial Economics. 19 (3): 731–761. doi:10.1007/s11067-018-9406-1. ISSN 1572-9427.

[:5-6] Ivaturi, Koteswara; Janczewski, Lech (2013-10-01). "Social Engineering Preparedness of Online Banks: An Asia-Pacific Perspective". Journal of Global Information Technology Management. 16 (4): 21–46. doi:10.1080/1097198X.2013.10845647. ISSN 1097-198X.

[:2-7] Ghafir, Ibrahim; Saleem, Jibran; Hammoudeh, Mohammad; Faour, Hanan; Prenosil, Vaclav; Jaf, Sardar; Jabbar, Sohail; Baker, Thar (2018-10). "Security threats to critical infrastructure: the human factor". The Journal of Supercomputing. 74 (10): 4986–5002. doi:10.1007/s11227-018-2337-2. ISSN 0920-8542. {{cite journal}}: Check date values in: |date= (help)

[:3-8] Airehrour, David; Nair, Nisha Vasudevan; Madanian, Samaneh (2018-05-03). "Social Engineering Attacks and Countermeasures in the New Zealand Banking System: Advancing a User-Reflective Mitigation Model". Information. 9 (5): 110. doi:10.3390/info9050110. ISSN 2078-2489.{{cite journal}}: CS1 maint: unflagged free DOI (link)

[9] Bleiman, Rachel (2020). "An Examination in Social Engineering: The Susceptibility of Disclosing Private Security Information in College Students". doi:10.34944/dspace/365. {{cite journal}}: Cite journal requires |journal= (help)

[10] Chin, Tommy; Xiong, Kaiqi; Hu, Chengbin (2018). "Phishlimiter: A Phishing Detection and Mitigation Approach Using Software-Defined Networking". IEEE Access. 6: 42516–42531. doi:10.1109/ACCESS.2018.2837889. ISSN 2169-3536.

[11] Greitzer, Frank L.; Strozer, Jeremy R.; Cohen, Sholom; Moore, Andrew P.; Mundie, David; Cowley, Jennifer (2014-05). "Analysis of Unintentional Insider Threats Deriving from Social Engineering Exploits". 2014 IEEE Security and Privacy Workshops. San Jose, CA: IEEE: 236–250. doi:10.1109/SPW.2014.39. ISBN 978-1-4799-5103-1. {{cite journal}}: Check date values in: |date= (help)

[12] Irani, Danesh; Balduzzi, Marco; Balzarotti, Davide; Kirda, Engin; Pu, Calton (2011). Holz, Thorsten; Bos, Herbert (eds.). "Reverse Social Engineering Attacks in Online Social Networks". Detection of Intrusions and Malware, and Vulnerability Assessment. Lecture Notes in Computer Science. Berlin, Heidelberg: Springer: 55–74. doi:10.1007/978-3-642-22424-9_4. ISBN 978-3-642-22424-9.

[:1-13] Heartfield, Ryan; Loukas, George (2018), Conti, Mauro; Somani, Gaurav; Poovendran, Radha (eds.), "Protection Against Semantic Social Engineering Attacks", Versatile Cybersecurity, vol. 72, Cham: Springer International Publishing, pp. 99–140, doi:10.1007/978-3-319-97643-3_4, ISBN 978-3-319-97642-6, retrieved 2020-10-29

[:4-14] Workman, Michael (2007-12-13). "Gaining Access with Social Engineering: An Empirical Study of the Threat". Information Systems Security. 16 (6): 315–331. doi:10.1080/10658980701788165. ISSN 1065-898X.

[15] Krombholz, Katharina; Merkl, Dieter; Weippl, Edgar (2012-12). "Fake identities in social media: A case study on the sustainability of the Facebook business model". Journal of Service Science Research. 4 (2): 175–212. doi:10.1007/s12927-012-0008-z. ISSN 2093-0720. {{cite journal}}: Check date values in: |date= (help)

[16] Workman, Michael (2008). "Wisecrackers: A theory-grounded investigation of phishing and pretext social engineering threats to information security". Journal of the American Society for Information Science and Technology. 59 (4): 662–674. doi:10.1002/asi.20779. ISSN 1532-2882.

[17] Boshmaf, Yazan; Muslukhov, Ildar; Beznosov, Konstantin; Ripeanu, Matei (2013-02-04). "Design and analysis of a social botnet". Computer Networks. Botnet Activity: Analysis, Detection and Shutdown. 57 (2): 556–578. doi:10.1016/j.comnet.2012.06.006. ISSN 1389-1286.

[18] McCrohan, Kevin F.; Engel, Kathryn; Harvey, James W. (2010-06-14). "Influence of Awareness and Training on Cyber Security". Journal of Internet Commerce. 9 (1): 23–41. doi:10.1080/15332861.2010.487415. ISSN 1533-2861.

[19] Ghafir, Ibrahim; Saleem, Jibran; Hammoudeh, Mohammad; Faour, Hanan; Prenosil, Vaclav; Jaf, Sardar; Jabbar, Sohail; Baker, Thar (2018-10-01). "Security threats to critical infrastructure: the human factor". The Journal of Supercomputing. 74 (10): 4986–5002. doi:10.1007/s11227-018-2337-2. ISSN 1573-0484.

[20] Heartfield, Ryan; Loukas, George; Gan, Diane (2016). "You Are Probably Not the Weakest Link: Towards Practical Prediction of Susceptibility to Semantic Social Engineering Attacks". IEEE Access. 4: 6910–6928. doi:10.1109/ACCESS.2016.2616285. ISSN 2169-3536.

[1]

[2]

[3]

[4]

[5]

[6]

[7]

[8]

[9]

[10]

[11]

[12]

[13]

[14]

[15]

[16]

[17]

[18]

[19]

[20]

Pretexting

Background

Social engineering

Pretexting in the timeline of social engineering

Reverse social engineering

Social aspect

Prized

Ability to trust

Susceptibility to react

Low perception of threat

Response to authority

Examples throughout history

Early pretexting (1970-80s)

Recent examples

Current education frameworks

See also

lilmeowmeow3161

General info[edit]

Lead[edit]

Lead evaluation[edit]

Content[edit]

Content evaluation[edit]

Tone and Balance[edit]

Tone and balance evaluation[edit]

Sources and References[edit]

Sources and references evaluation[edit]

Organization[edit]

Organization evaluation[edit]

Images and Media[edit]

Images and media evaluation[edit]

For New Articles Only[edit]

New Article Evaluation[edit]

Overall impressions[edit]

Overall evaluation[edit]

Article: Information Privacy: (Information privacy)

Lead

The lead to my article is very concise and answers all the points above. It also links to other topics that the lead mentioned that the user might not be familiar with, giving them the opportunity to read up on such topics before perhaps diving into the article further.

Content

Tone and Balance

Sources and References

Organization

Images and Media

Images and media evaluation: There are no images to evaluate. The article could improve with more images and visualizations, especially for people who aren't well-educated on the topic.

Checking the talk page

Overall impressions

Overall evaluation: Overall, the article is pretty solid information and neutrality-wise. I think the article is well-developed, although as I mentioned the inclusion of certain sections seemed a bit distracting, but those sections were overall well-written.

Article: Spoofing Attack: (Spoofing attack)

Lead

Content

Tone and Balance

Sources and References

Organization

Images and Media

Images and media evaluation: There are no images to evaluate. The article could improve with more images and visualizations, especially for people who aren't well-educated on the topic.

Checking the talk page

Overall impressions

Overall evaluation: Overall, the article is informative. I think it was broken down well and easy to understand. Perhaps more sections could be made that aren't just examples of Spoofing, and more reliable sources could be used rather than just hyperlinking other Wiki articles.

Article Feedback (Leadership)

Peer review: jameswang323

Lead

Content

Tone and Balance

Sources and References

Organization

Overall impressions

Peer review (Showtime oski)

Lead

Content

Tone and Balance

Sources and References

Organization

Overall impressions

Peer review (Brian)

General info

Lead

Lead evaluation

Content

Content evaluation

Tone and Balance

Tone and balance evaluation