Case study

  This assignment will be based on the following news article:

Ragan, S 2017 ‘Office 365 Phishing attacks create a sustained insider nightmare for IT’, CSO Online, 20 September, <>

Answer the following questions in relation to the news article. Assume that the audience for your responses is senior level management, who do not have a strong technical background. The word limit for this assessment item is 900 words.

1. Characterise the social engineering attacks described in the article using the ontological components specified in Mouton et al (2016) as a starting point.

2. Discuss relevant statistics (for example, from the Verizon Data Breach Investigations Report) in relation to these types of attacks.

3. Outline the typical sequence of steps undertaken for the phishing attacks described in the article.

4. Propose and justify potential mitigations for these types of attacks. Include consideration of people, process and technology factors.

Mouton, F, Leenen, L and Venter, H S 2016, ‘Social engineering attack examples, templates and scenarios’, Computers & Security, vol. 59, pp.186-209.