Cullen, Andrea J.Armitage, Lorna2016-11-282016-11-282016Cullen AJ and Armitage L (2016) The Social Engineering Attack Spiral (SEAS) In: Proceedings of the International Conference on Cyber Security and Protection of Digital Services (Cyber Security 2016). 13-14 Jun 2016, London, UK.http://hdl.handle.net/10454/10702YesCybercrime is on the increase and attacks are becoming ever more sophisticated. Organisations are investing huge sums of money and vast resources in trying to establish effective and timely countermeasures. This is still a game of catch up, where hackers have the upper hand and potential victims are trying to produce secure systems hardened against what feels like are inevitable future attacks. The focus so far has been on technology and not people and the amount of resource allocated to countermeasures and research into cyber security attacks follows the same trend. This paper adds to the growing body of work looking at social engineering attacks and therefore seeks to redress this imbalance to some extent. The objective is to produce a model for social engineering that provides a better understanding of the attack process such that improved and timely countermeasures can be applied and early interventions implemented.en© 2016 IEEE. Full-text reproduced in accordance with the publisher’s self-archiving policy. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising or promotional purposes, creating new collective works, for resale or redistribution to servers or lists, or reuse of any copyrighted component of this work in other works.Social engineeringIterative spiral modelTargeted attackInformation securityConference paperhttps://doi.org/10.1109/cybersecpods.2016.7502347Unspecified