Document Type

Senior Thesis

Publication Date

2025

Abstract

Cybersecurity has only recently gained press coverage as millions of individuals are victimized by cyberattacks. While current cybersecurity measures offer some protection, human error has been the number one cause of cyberattacks for the past eight years (Verizon, 2024). Cybercrime continues to evolve in complexity, leveraging advanced technology and human psychology to bypass traditional security systems. This study examines why individuals still fall victim to cyberattacks. It explores the psychological and cognitive factors that make individuals vulnerable, focusing on social engineering techniques such as phishing and pretexting. This study also analyzes factors from psychological theories, including Protection Motivation Theory, Routine Activities Theory, and Social Cognitive Theory. It emphasizes how impulsivity, stress, information overload, and social influence affect decision-making in cybersecurity contexts. Understanding the underlying psychological theories can explain why people fall for social engineering campaigns and inadvertently comply with common social engineering tactics. Real-world case studies, such as the Target breach and the Deepfake CFO scam, illustrate how attackers exploit emotional and cognitive vulnerabilities. By identifying these underlying factors and understanding their dynamics, we can develop and implement more effective countermeasures to enhance personal security in the digital landscape. To address these threats, the paper advocates for psychology-informed training programs, habit-forming strategies, and user-focused interventions to build resilience and foster a security-conscious culture.

Copyright

The author
