The interplay of profiling, social engineering tactics, and situational factors in shaping cybersecurity awareness

The rapid expansion of the internet has contributed to a rise in cybercrime, scams, and various emerging threats. The current social engineering framework focuses on technical defences and general risks, but fails to address the psychological tactics of social engineering or the diverse demographic and psychological profiles of victims. To address this gap, this study aims to refine the awareness framework by integrating an analysis of social engineering factors and victim profiles to better measure cybersecurity awareness. The objectives of this study are to identify the most prevalent victim profiles using cluster analysis and examine social engineering factors affecting cybersecurity awareness; and test the moderating role of situational factors in the relationship between social engineering factors and cybersecurity awareness. A structured online survey measuring attack experiences and cybersecurity awareness was distributed to 131 higher-education students in Malaysia. Data were analysed using multiple regression and K-means cluster analysis to identify patterns among the variables. A detailed analysis based on Protection Motivation Theory and Routine Activity Theory provided a more comprehensive explanation of cybersecurity awareness. The findings indicate that social engineering tactics are a major driver of cybersecurity awareness, while place of study and gender emerge as two significant variables in victim profiling. The refined awareness model incorporates psychological, demographic, and situational factors to provide a practical framework for enhancing an individual's defence system and developing an effective, focused cybersecurity awareness programme. These insights offer valuable guidance for policymakers in designing targeted cybersecurity education initiatives, persona-based training modules, and context-aware awareness campaigns for mitigating social engineering risks among vulnerable populations.