{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,19]],"date-time":"2026-03-19T05:31:38Z","timestamp":1773898298553,"version":"3.50.1"},"reference-count":51,"publisher":"Emerald","issue":"5","license":[{"start":{"date-parts":[[2019,10,7]],"date-time":"2019-10-07T00:00:00Z","timestamp":1570406400000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.emerald.com\/insight\/site-policies"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["ITP"],"published-print":{"date-parts":[[2019,10,7]]},"abstract":"<jats:sec>\n<jats:title content-type=\"abstract-subheading\">Purpose<\/jats:title>\n<jats:p>Online social network (OSN) users have a high propensity to malware threats due to the trust and persuasive factors that underpin OSN models. The escalation of social engineering malware encourages a growing demand for end-user security awareness measures. The purpose of this paper is to take the theoretical cybersecurity awareness model TTAT-MIP and test its feasibility via a Facebook app, namely social network criminal (SNC).<\/jats:p>\n<\/jats:sec>\n<jats:sec>\n<jats:title content-type=\"abstract-subheading\">Design\/methodology\/approach<\/jats:title>\n<jats:p>The research employs a mixed-methods approach to evaluate the SNC app. A system usability scale measures the usability of SNC. Paired samples <jats:italic>t<\/jats:italic>-tests were administered to 40 participants to measure security awareness \u2013 before and after the intervention. Finally, 20 semi-structured interviews were deployed to obtain qualitative data about the usefulness of the App itself.<\/jats:p>\n<\/jats:sec>\n<jats:sec>\n<jats:title content-type=\"abstract-subheading\">Findings<\/jats:title>\n<jats:p>Results validate the effectiveness of OSN apps utilising a TTAT-MIP model \u2013 specifically the mass interpersonal persuasion (MIP) attributes. Using TTAT-MIP as a guidance, practitioners can develop security awareness systems that better leverage the intra-relationship model of OSNs.<\/jats:p>\n<\/jats:sec>\n<jats:sec>\n<jats:title content-type=\"abstract-subheading\">Research limitations\/implications<\/jats:title>\n<jats:p>The primary limitation of this study is the experimental settings. Although the results testing the TTAT-MIP Facebook app are promising, these were set under experimental conditions.<\/jats:p>\n<\/jats:sec>\n<jats:sec>\n<jats:title content-type=\"abstract-subheading\">Practical implications<\/jats:title>\n<jats:p>SNC enable persuasive security behaviour amongst employees and avoid potential malware threats. SNC support consistent security awareness practices by the regular identification of new threats which may inspire the creation of new security awareness videos.<\/jats:p>\n<\/jats:sec>\n<jats:sec>\n<jats:title content-type=\"abstract-subheading\">Social implications<\/jats:title>\n<jats:p>The structure of OSNs is making it easier for malicious users to carry out their activities without the possibility of detection. By building a security awareness programme using the TTAT-MIP model, organisations can proactively manage security awareness.<\/jats:p>\n<\/jats:sec>\n<jats:sec>\n<jats:title content-type=\"abstract-subheading\">Originality\/value<\/jats:title>\n<jats:p>Many security systems are cumbersome, inconsistent and non-specific. The outcome of this research provides organisations and security practitioners with a framework for designing and developing proactive and tailored security awareness systems.<\/jats:p>\n<\/jats:sec>","DOI":"10.1108\/itp-06-2018-0278","type":"journal-article","created":{"date-parts":[[2019,8,7]],"date-time":"2019-08-07T11:11:23Z","timestamp":1565176283000},"page":"1276-1300","source":"Crossref","is-referenced-by-count":15,"title":["Online social network security awareness: mass interpersonal persuasion using a Facebook app"],"prefix":"10.1108","volume":"32","author":[{"given":"Ehinome","family":"Ikhalia","sequence":"first","affiliation":[]},{"given":"Alan","family":"Serrano","sequence":"additional","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0003-3148-6691","authenticated-orcid":false,"given":"David","family":"Bell","sequence":"additional","affiliation":[]},{"given":"Panos","family":"Louvieris","sequence":"additional","affiliation":[]}],"member":"140","reference":[{"issue":"3","key":"key2019092316142196900_ref001","first-page":"176","article-title":"The need for effective information security awareness","volume":"3","year":"2012","journal-title":"Journal of Advances in Information Technology"},{"key":"key2019092316142196900_ref002","doi-asserted-by":"publisher","first-page":"304","DOI":"10.1016\/j.chb.2014.05.046","article-title":"Security awareness of computer users: a phishing threat avoidance perspective","volume":"38","year":"2014","journal-title":"Computers in Human Behavior"},{"issue":"6","key":"key2019092316142196900_ref003","doi-asserted-by":"crossref","first-page":"574","DOI":"10.1080\/10447310802205776","article-title":"An empirical evaluation of the system usability scale","volume":"24","year":"2008","journal-title":"International Journal of Human-Computer Interaction"},{"key":"key2019092316142196900_ref300","first-page":"1","article-title":"Functionality vs. security in IS: tradeoff or equilibrium","year":"2012","journal-title":"International Conference on Information System, Orlando"},{"key":"key2019092316142196900_ref004","first-page":"189","article-title":"SUS: a quick and dirty usability scale","year":"1996"},{"key":"key2019092316142196900_ref005","first-page":"229","article-title":"Statistics and social network of YouTube videos","year":"2008"},{"key":"key2019092316142196900_ref301","year":"2004","journal-title":"Research Methods and Statistics in Psychology"},{"key":"key2019092316142196900_ref006","first-page":"395","article-title":"Qualitative inquiry & choosing among five approaches","year":"2012","journal-title":"Qualitative Inquiry and Research Design"},{"key":"key2019092316142196900_ref007","first-page":"581","article-title":"Why phishing works","year":"2006"},{"issue":"2","key":"key2019092316142196900_ref008","first-page":"47","article-title":"Consumer behaviour in social networking sites: implications for marketers","volume":"30","year":"2011","journal-title":"Irish Journal of Management"},{"issue":"3","key":"key2019092316142196900_ref009","first-page":"2183","article-title":"Marketing to youth in the digital age: the promotion of unhealthy products and health promoting behaviours on social media","volume":"4","year":"2016","journal-title":"Media and Communication"},{"key":"key2019092316142196900_ref010","first-page":"1065","article-title":"You\u2019ve been warned: an empirical study of the effectiveness of web browser phishing warnings","year":"2008"},{"key":"key2019092316142196900_ref011","first-page":"8","article-title":"Malware propagation in online social networks","year":"2009"},{"issue":"1","key":"key2019092316142196900_ref012","doi-asserted-by":"crossref","first-page":"80","DOI":"10.1177\/160940690600500107","article-title":"Demonstrating rigor using thematic analysis: a hybrid approach of inductive and deductive coding and theme development","volume":"5","year":"2006","journal-title":"International Journal of Qualitative Methods"},{"key":"key2019092316142196900_ref013","first-page":"36","volume-title":"Principles of Persuasion in Social Engineering and their use in Phishing","year":"2015"},{"key":"key2019092316142196900_ref014","first-page":"23","volume-title":"Mass Interpersonal Persuasion: An Early View of a new Phenomenon","year":"2008"},{"issue":"4","key":"key2019092316142196900_ref015","doi-asserted-by":"crossref","first-page":"56","DOI":"10.1109\/MIC.2011.50","article-title":"Security issues in online social networks","volume":"15","year":"2011","journal-title":"IEEE Internet Computing"},{"key":"key2019092316142196900_ref016","first-page":"35","article-title":"Detecting and characterizing social spam campaigns","year":"2010"},{"key":"key2019092316142196900_ref017","first-page":"82","article-title":"Calculating, interpreting, and reporting Cronbach\u2019s alpha reliability coefficient for Likert-type scales","year":"2003"},{"key":"key2019092316142196900_ref019","first-page":"537","article-title":"A literature survey on social engineering attacks: phishing attack","year":"2017"},{"issue":"3","key":"key2019092316142196900_ref020","doi-asserted-by":"crossref","first-page":"265","DOI":"10.1016\/j.bushor.2011.01.007","article-title":"We\u2019re all connected: the power of the social media ecosystem","volume":"54","year":"2011","journal-title":"Business Horizons"},{"key":"key2019092316142196900_ref021","first-page":"203","article-title":"Experiences from conducting semi-structured interviews in empirical software engineering research","year":"2005"},{"issue":"5","key":"key2019092316142196900_ref022","first-page":"342","article-title":"The impact of user interactions in social media on brand awareness and purchase intention: the case of MINI on Facebook","volume":"22","year":"2013","journal-title":"Journal of Product and Brand Management"},{"key":"key2019092316142196900_ref023","article-title":"A malware threat avoidance model for online social network users","year":"2017"},{"key":"key2019092316142196900_ref024","first-page":"1","article-title":"A framework for designing an effective security awareness system for online social network users","year":"2015"},{"key":"key2019092316142196900_ref025","article-title":"Developing a new model for the avoidance of malware threats through online social networks","year":"2016"},{"issue":"1","key":"key2019092316142196900_ref026","first-page":"31","article-title":"Developing and implementing TTAT-MIP for the avoidance of malware threats through online social networks","volume":"15","year":"2017","journal-title":"IADIS International Journal on WWW\/Internet"},{"issue":"1","key":"key2019092316142196900_ref027","doi-asserted-by":"crossref","first-page":"59","DOI":"10.1016\/j.bushor.2009.09.003","article-title":"Users of the world, unite! the challenges and opportunities of Social Media","volume":"53","year":"2010","journal-title":"Business Horizons"},{"key":"key2019092316142196900_ref028","unstructured":"Kaspersky (2015), \u201cZeus Trojan malware threat | Zbot and other names | Kaspersky lab UK\u201d, available at: Www.Kaspersky.Co.Uk (accessed 19 February 2019)."},{"issue":"7","key":"key2019092316142196900_ref029","doi-asserted-by":"crossref","first-page":"394","DOI":"10.17705\/1jais.00232","article-title":"Understanding security behaviors in personal computer usage: a threat avoidance perspective","volume":"11","year":"2010","journal-title":"Journal of the Association for Information Systems"},{"issue":"3","key":"key2019092316142196900_ref030","doi-asserted-by":"crossref","first-page":"1152","DOI":"10.1016\/j.chb.2010.12.009","article-title":"Why people use social networking sites: an empirical study integrating network externalities and motivation theory","volume":"27","year":"2011","journal-title":"Computers in Human Behavior"},{"issue":"3","key":"key2019092316142196900_ref031","doi-asserted-by":"crossref","first-page":"1","DOI":"10.4018\/irmj.2011070101","article-title":"Social engineering","volume":"24","year":"2011","journal-title":"Information Resources Management Journal"},{"key":"key2019092316142196900_ref032","first-page":"773","article-title":"Towards measuring and mitigating social engineering software attacks","year":"2016"},{"issue":"8","key":"key2019092316142196900_ref033","first-page":"57","article-title":"People are the answer to security","volume":"11","year":"2013","journal-title":"International\u00a0Journal\u00a0of Computer Science and Information Security"},{"key":"key2019092316142196900_ref302","year":"2016","journal-title":"SPSS Survival Manual: A Step by Step Guide to Data Analysis Using IM SPSS"},{"key":"key2019092316142196900_ref034","doi-asserted-by":"publisher","first-page":"165","DOI":"10.1016\/j.cose.2013.12.003","article-title":"Determining employee awareness using the human aspects of information security questionnaire (HAIS-Q)","volume":"42","year":"2014","journal-title":"Computers and Security"},{"issue":"2","key":"key2019092316142196900_ref035","doi-asserted-by":"crossref","first-page":"422","DOI":"10.1016\/j.comnet.2012.06.023","article-title":"Titans\u2019 revenge: detecting Zeus via its own flaws","volume":"57","year":"2013","journal-title":"Computer Networks"},{"key":"key2019092316142196900_ref036","doi-asserted-by":"publisher","first-page":"44","DOI":"10.1016\/j.jcomdis.2017.07.002","article-title":"The paired t test and beyond: recommendations for testing the central tendencies of two paired samples in research on speech, language and hearing pathology","volume":"69","year":"2017","journal-title":"Journal of Communication Disorders"},{"key":"key2019092316142196900_ref037","article-title":"Social engineering: a serious underestimated problem","year":"2009"},{"issue":"2","key":"key2019092316142196900_ref038","doi-asserted-by":"crossref","first-page":"18","DOI":"10.1080\/15252019.2009.10722152","article-title":"The creativeness and effectiveness of online interactive rich media advertising","volume":"9","year":"2009","journal-title":"Journal of Interactive Advertising"},{"key":"key2019092316142196900_ref039","doi-asserted-by":"crossref","unstructured":"Shaw, R.S., Chen, C.C., Harris, A.L. and Huang, H.-J. (2009), \u201cThe impact of information richness on information security awareness training effectiveness\u201d, Computers & Education, Vol. 52 No. 1, pp. 92-100.","DOI":"10.1016\/j.compedu.2008.06.011"},{"key":"key2019092316142196900_ref040","first-page":"88","article-title":"Anti-phishing phil: the design and evaluation of a game that teaches people not to fall for phish","year":"2007"},{"issue":"10","key":"key2019092316142196900_ref041","first-page":"419","article-title":"The importance of animation as a visual method in learning chemistry","volume":"3","year":"2010","journal-title":"Concept Maps: Making Learning Meaningful"},{"key":"key2019092316142196900_ref043","first-page":"309","article-title":"The impact of information security awareness training on information security behaviour: the case for","year":"2014","journal-title":"Information Security"},{"issue":"4","key":"key2019092316142196900_ref044","doi-asserted-by":"crossref","first-page":"167","DOI":"10.1108\/09685229810227649","article-title":"Information security awareness: educating your users effectively","volume":"6","year":"1998","journal-title":"Information Management & Computer Security"},{"issue":"3","key":"key2019092316142196900_ref045","first-page":"754","article-title":"Qualitative interview design: a practical guide for novice investigators","volume":"15","year":"2010","journal-title":"The Qualitative Report"},{"issue":"1","key":"key2019092316142196900_ref046","doi-asserted-by":"crossref","first-page":"71","DOI":"10.2307\/3250959","article-title":"A longitudinal investigation of personal computers in homes: adoption determinants and emerging challenges","volume":"25","year":"2001","journal-title":"Management Information Systems"},{"issue":"6","key":"key2019092316142196900_ref047","doi-asserted-by":"crossref","first-page":"315","DOI":"10.1080\/10658980701788165","article-title":"Gaining access with social engineering: an empirical study of the threat","volume":"16","year":"2007","journal-title":"Information Systems Security"},{"key":"key2019092316142196900_ref048","first-page":"196","article-title":"Malware propagation in online social networks: nature, dynamics, and defense implications categories and subject descriptors","year":"2007"},{"issue":"4","key":"key2019092316142196900_ref049","doi-asserted-by":"crossref","first-page":"488","DOI":"10.1109\/TDSC.2015.2410792","article-title":"VoteTrust: leveraging friend invitation graph to defend against social network Sybils","volume":"13","year":"2016","journal-title":"IEEE Transactions on Dependable and Secure Computing"},{"key":"key2019092316142196900_ref050","article-title":"Deploying social network security awareness through mass interpersonal persuasion (MIP)","year":"2018"}],"container-title":["Information Technology &amp; People"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/www.emerald.com\/insight\/content\/doi\/10.1108\/ITP-06-2018-0278\/full\/xml","content-type":"application\/xml","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/www.emerald.com\/insight\/content\/doi\/10.1108\/ITP-06-2018-0278\/full\/html","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,7,24]],"date-time":"2025-07-24T21:54:59Z","timestamp":1753394099000},"score":1,"resource":{"primary":{"URL":"http:\/\/www.emerald.com\/itp\/article\/32\/5\/1276-1300\/185105"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2019,10,7]]},"references-count":51,"journal-issue":{"issue":"5","published-print":{"date-parts":[[2019,10,7]]}},"alternative-id":["10.1108\/ITP-06-2018-0278"],"URL":"https:\/\/doi.org\/10.1108\/itp-06-2018-0278","relation":{},"ISSN":["0959-3845"],"issn-type":[{"value":"0959-3845","type":"print"}],"subject":[],"published":{"date-parts":[[2019,10,7]]}}}