Final published version
Research output: Contribution in Book/Report/Proceedings - With ISBN/ISSN › Conference contribution/Paper › peer-review
| Publication date | 18/05/2023 |
|---|---|
| Host publication | Proceedings of the 2nd Empathy-Centric Design Workshop, EmpathiCH 2023 - Collocated with ACM CHI Conference on Human Factors in Computing Systems |
| Publisher | Association for Computing Machinery (ACM) |
| Pages | 1-6 |
| Number of pages | 6 |
| ISBN (electronic) | 9798400707490 |
| <mark>Original language</mark> | English |
| Event | EMPATHICH '23:: EmpathiCH Workshop - Hamburg, Germany Duration: 23/04/2023 → 23/04/2023 |
| Conference | EMPATHICH '23: |
|---|---|
| Country/Territory | Germany |
| City | Hamburg |
| Period | 23/04/23 → 23/04/23 |
| Name | ACM International Conference Proceeding Series |
|---|
| Conference | EMPATHICH '23: |
|---|---|
| Country/Territory | Germany |
| City | Hamburg |
| Period | 23/04/23 → 23/04/23 |
Social engineering is a popular attack vector among cyber criminals. During such attacks, impostors often attempt to trigger empathy to manipulate victims into taking dangerous actions, for example, sharing their credentials or clicking on malicious email attachments. The objective of this position paper is to initiate a conversation on the tension between positive and negative aspects of empathy in HCI as it pertains to security-relevant behaviors. To this end, we focus on the malicious ways in which empathy can be instrumentalized in social engineering. We describe examples of such empathy-related social engineering attacks, explore potential solutions (including the automated detection of empathy-triggering communication, or of empathetic communication on the part of a potential victim), and discuss technical, social as well as organizational interventions. We highlight research challenges and directions for future work.