- Christine Joy Yap1, Roxan C. Dela Cruz2, Kristine Soberano3
- DOI: 10.5281/zenodo.15792783
- GAS Journal of Engineering and Technology (GASJET)
The emergence of social engineering attacks has been a growing concern for cybersecurity because these attacks abuse human behavior instead of exploiting the weaknesses of technology. College students are prime targets because of their extensive use of technology and social media use along with limited formal training in cybersecurity. The purpose of this study is to explore college students’ perceptions, awareness, and behaviors of social engineering threats. A descriptive survey design was applied and involved 250 students enrolled in a range of different academic programs and year levels at Trinidad Municipal College. The data was collected using a validated researcher-developed questionnaire and analyzed using SPSS with descriptive and inferential statistics. The survey measured students’ current awareness about social engineering techniques; students’ previous experiences with suspicious-looking content; and students’ self-reported cybersecurity practices. Results indicated that although 90% of respondents routinely used the internet and 97% used social media, only 63.6% had a previous knowledge of social engineering. A large number of respondents, 83.4%, also indicated they received suspect messages – most frequently phishing scams according to previous surveys – but by far the majority chose to ignore them as opposed to taking proactive action. The statistical analysis does not show any significant correlation between demographic data and either awareness or confidence levels, but 91% of students in this study displayed a strong interest in receiving literacy education related to cybersecurity. The results suggest that while students show some level of awareness, they have neither the confidence nor experience to identify and respond to social engineering threats effectively. The recommendation is to promote structured cybersecurity education across all academic courses and programs, especially for students not in IT-related programs. More engaging, peer-led programs and using verified/current online platforms by the institutions would help students develop digital resilience.
