Show simple item record

dc.contributor.authorChebii, Pamela J
dc.date.accessioned2021-12-01T08:35:04Z
dc.date.available2021-12-01T08:35:04Z
dc.date.issued2021
dc.identifier.urihttp://erepository.uonbi.ac.ke/handle/11295/155805
dc.description.abstractSocial Engineering is the science of using social interaction as a means to persuade an individual or an organization to comply with a specific request from an attacker where either the social interaction, the persuasion, or the request involves a computer-related entity. Social engineering threats are the biggest threats facing cybersecurity because they exploit the natural human tendency to trust. Human-based social engineering requires a person-to-person interaction to achieve an objective. Mobile money users are target to most criminals. Smishing is a form of phishing where someone tries to trick a victim into giving their private information via a text message. A vishing attack is a type of criminal phone fraud that uses voice messages to obtain personal information or money from victims. Consumer-based fraud represents the most prevalent form across all stages of the mobile money services operation, where offending is enabled by a lack of system-based checks and awareness. Current mobile money transfer and payment applications design does not mitigate cybersecurity risks and specifically social engineering. This study establishes the gap and proposes a design that will mitigate these risks. The literature review describes the social engineering frameworks, defensive techniques against social engineering in mobile money, and establishes the knowledge gaps that need to be filled. A descriptive research design with a qualitative approach is employed in this study. Open-ended questionnaires were used to collect the data. Results of the analysis show that 66% of the respondents have experienced social engineering attacks either through phone or SMS. The effects of Social Engineering lead to the inability to recover money once sent. A mobile application prototype called SAFECASH that can analyze and hold unconfirmed transactions, blacklist suspected contacts and lock suspected transactions is implemented and tested.en_US
dc.language.isoenen_US
dc.publisherUniversity of Nairobien_US
dc.rightsAttribution-NonCommercial-NoDerivs 3.0 United States*
dc.rights.urihttp://creativecommons.org/licenses/by-nc-nd/3.0/us/*
dc.titleSecuring Mobile Money Payment and Transfer Applications Against Smishing and Vishing Social Engineering Attacksen_US
dc.typeThesisen_US


Files in this item

Thumbnail
Thumbnail

This item appears in the following Collection(s)

Show simple item record

Attribution-NonCommercial-NoDerivs 3.0 United States
Except where otherwise noted, this item's license is described as Attribution-NonCommercial-NoDerivs 3.0 United States