Publication | Published | 2025

Human Vulnerabilities to Social Engineering Attacks: A Systematic Literature Review for Building a Human Firewall

A PRISMA-guided SLR mapping how and why people become victims of social engineering, and how to build a practical human firewall.

RESEARCH OVERVIEW

This publication synthesizes human vulnerability patterns in social engineering attacks through a Systematic Literature Review (SLR). Using PRISMA 2020, the study screened 865 articles from Google Scholar, IEEE Xplore, Scopus, and ResearchGate, then narrowed them to 39 peer-reviewed studies (2020-2024) for thematic analysis. The paper answers two core questions: how individuals become victims and which factors increase susceptibility. Results show that social engineering success is strongly driven by human-side conditions rather than purely technical weaknesses, making behavior-centered defense a strategic necessity.

Journal: JAIC Vol. 9(4), 2025

Pages: 1127-1136

Initial Articles: 865

Final Studies: 39

Study Window: 2020-2024

RESEARCH ARTIFACTS

  • 01 PRISMA-based literature selection flow: Systematic selection pipeline from 865 records to 39 final studies
  • 02 Human vulnerability factor matrix: Psychological, social, and digital-behavioral vulnerability mapping
  • 03 Human firewall conceptual framework: Conceptual foundation for human-centered social engineering defense

PROBLEM CONTEXT

Organizations continue to invest in technical controls, yet social engineering attacks remain highly effective because attackers exploit predictable human psychology such as fear, urgency, trust, and authority bias. Existing studies were fragmented and lacked an integrated, evidence-based vulnerability map.

RESEARCH APPROACH

The research applies a rigorous PRISMA-based review pipeline (identification, screening, eligibility, inclusion), strict inclusion/exclusion criteria, and narrative thematic synthesis. The output is a consolidated framework of victimization patterns and vulnerability factors, which is then translated into human-centered security implications for users, institutions, and system designers.

NOVELTY & CONTRIBUTION

  • Mapped five recurring victimization patterns: emotional exploitation, authority abuse, fake urgency, low awareness, and cognitive fatigue
  • Classified three major vulnerability domains: psychological, social, and digital-behavioral factors
  • Provided evidence that human vulnerabilities are a primary attack surface in social engineering success
  • Established a conceptual foundation for a Human Firewall and future SEADM development in a mobile banking context

AUTHOR CONTRIBUTION

  • Research problem framing and RQ design (RQ1 and RQ2)
  • SLR protocol design and PRISMA-compliant article selection
  • Data extraction, thematic synthesis, and evidence consolidation
  • Model conceptualization and manuscript authoring for publication

STUDY COMPONENTS

COMPONENT 01

PRISMA 2020 workflow with transparent study filtering stages

COMPONENT 02

Cross-database evidence collection from four major academic sources

COMPONENT 03

Structured vulnerability mapping with citation-backed factor categories

COMPONENT 04

Human Firewall conceptual model grounded in behavioral security findings

COMPONENT 05

Actionable implications for users, institutions, and security system design

METHODS & TOOLS

  • Systematic Literature Review
  • PRISMA 2020
  • Thematic Synthesis
  • Cybersecurity Behavior Analysis
  • Academic Writing
