Frequency of Exposure on Social Media Phishing at General Tinio

Senior High School

A Research Proposal summited to SIR JOSE CARLO A. ALARILLA

By:
Aquino, Edmar
Benitez, Rendel
Cabildo, Aleyah Jade
Caraig, Abraham King
Cuaresma, Khian Andrei
Delos Santos, Chrisanie
Perez, Ryan
 Chapter 1

Introduction

In this modern era, technology are essential in our daily lives, because

through technology we can access in our bank without going into the bank, like

Metrobank, BDO unibank, etc. We can also do shopping online, with only a few

clicks then you’re done. Technology brings us a convenience in our daily lives.

Lastly we can communicate through social media wherever you are you can

always message, video call, and audio call your loved one’s.

As technological advancements continue to push the boundaries of

innovation, they simultaneously introduce new risks and vulnerabilities that

challenge our security and privacy. For example we have Phishing. According to

Blancaflor (2021) Social Media Phishing were the most vulnerable with 52.17%

success rate. Compared to email phishing that only have 16.22% success rate,

meanwhile in smishing that only have 4.17% success rate.

Even though there is already have a lot of studies and warning about

phishing there are still a huge number of victims. But why? Because they are

lack of awareness of the Phishing tactics. This study aims to know why does,

social media were the most vulnerable.

Background of the Study

Republic Act No. 10175 also referred to as the Cybercrime Prevention

Act of 2012 is a Philippine legislation that seeks to prevent different forms of

cybercrime. It encompasses crimes like hacking, cybersex, identity theft, online

libel and computer-related fraud. The Act contains provisions for investigating

offences, penalties and prosecution against those committing these crimes.

Furthermore it sets up the Cybercrime Investigation and Coordinating Centre

(CICC) which will oversee implementation of this law. According to Gary

Smith, 2024, Phishing is the single most common form of cyber crime. An

estimated 3.4 billion emails a day are sent by cyber criminals, designed to look

like they come from trusted senders. This is over a trillion phishing emails per

year. In Q4 2022, The Anti-Phishing Working Group, APWG, observed

1,350,037 total phishing attacks, up from 1,270,833 the previous quarter. The

number of phishing attacks in the Philippines during the first half of 2022

already surpassed the number of attacks in the whole year of 2021. In that

period, over 1.8 million attacks have been detected compared to 1.34 million

attacks in 2021.

What is Phishing? Phishing is a type of online scam where attackers

attempt to trick individuals into revealing sensitive information, such as

passwords or financial details, by pretending to be a trustworthy source.

According to Blancaflor (2021) Social Media Phishing were the most

vulnerable with 52.17% success rate. Compared to email phishing that only

have 16.22% success rate, meanwhile in smishing that only have 4.17% success

rate. But why does there are still many victims in phishing even though there’s

already a lot of warning from the government about them. Is it because they still

don’t know the tactics of the Phishers? Or is it because they are desperate to

have a money? And lastly why does the social media were the most vulnerable

in Phishing?.

There are already a countless suggestions to avoid getting victim of

phishing, for example; Use multi-factor authentication. Multi-factor

authentication is when you need to enter two or more credentials before you can

access an account, such as entering a username and password and then

confirming with a Personal Identification Number (PIN) code sent to your

smartphone. These added layers help keep your accounts secure. Always

double-check the website address. Before placing an order or entering sensitive

information into a website, inspect the Uniform Resource Locator (URL) and

ensure you’re at the correct website. It’s possible for a spoofed website to appear

sophisticated enough that it’s difficult to spot. Never open links or attachments

from suspicious emails. If you suspect an email might be a phishing attempt, do

not open or download attachments or links. You can always access the correct

link you are looking for through a trusted website instead of through your email.
Install anti-virus software and pop-up blockers. Setting automatic updates can

help you keep your software safe. Making sure your software remains current and

installing ad blockers assists in deterring security threats. But why there are still a

lot victims of phishing? Even though the steps are just simple.

This study wish to know how often an individual encounters or interacts

with phishing attempts on social media platforms. This can include receiving

phishing messages, encountering fraudulent posts, or being exposed to

deceptive advertisements. Higher frequency of exposure might increase the

likelihood of falling victim to these scams due to repeated interactions and

growing familiarity with phishing tactics. Understanding this concept is crucial

for developing effective strategies to protect users from phishing threats.

Statement of the Problem

This study seeks to answer the general question. The Frequency of the

Exposure on Social Media Phishing and How to avoid social media phishing in

our lives. Social media phishing is on the rise due to the large number of users

and the trust people have in these social media platforms.

1). What are the reason why so many people get scammed through social media

phishing?

1.1 talk to experts and people who have experienced these types of scams
2). What makes someone a scammer? Is it because of poverty? Or else?

2.1 How they can arrange to get rich through scams

3). Why? Why are there so many scammers around us?

3.1 One difficulty is why there are scammers in society.

Theoretical framework

Heuristic-Systematic Model

A well-known model developed by Shelly Chaiken to try to explain how

people process and interpret persuasive communications is called the heuristic-

systematic model of information processing (HSM). According to the paradigm,

people can process messages either systematically or heuristically. While

heuristic processing uses simplified judgment criteria, or “heuristics,” to

evaluate a communication’s content fast, systematic processing involves

carefully and thoughtfully evaluating a message. This model’s guiding

assumption is that people are more likely to rely on heuristics or reduce the use

of cognitive resources, which might have an impact on how they take in and

process information. According to HSM, a person’s processing style will

determine how much they are convinced or show signs of a long-lasting attitude

change. HSM predicts that processing type will influence the extent to which a

person is persuaded or exhibits lasting attitude change. HSM is quite similar to

the elaboration likelihood model, or (ELM). Both models were predominantly

developed in the early- to mid-1980s and share many of the same concepts and

ideas…

Significance of the Study

This study will be beneficial to a number of people, groups, and

organizations, and the body of literature in development studies.

First, in the field of development studies, this study is essential because it

will give importance to the frequency of exposure to social media phishing.

specifically on how to avoid them.

First of all the FBI this will help them gain a bit more info on some

phishing tactics. Although some may have all info the info about that. Some may

have not.

Second are the IT students they are always using computers and internet so

they might go on some site with shady links. But if they read about our topic they

mighty reconsider about clicking random sites and links. Although again some

people might be more literate about this. Others are not.

Third every school level from grade 4 to grade 12 this study will greatly

help them to be more literate and be more aware about the types oh phishing.
 Fourth and lastly are the elderly people again this will help them to be

more knowledgeable on what to do or what not to do.

Definition of Terms

To understand our study more further, here are the definition of the terms

that we used in this study:

Authentication - is the process of verifying the identity of a user, device, or

system to ensure that they are who or what they claim to be. This is typically

done by checking credentials such as passwords, PINs, biometrics (like

fingerprints or facial recognition), security tokens, or other forms of

identification. Authentication is a critical security measure used to protect

systems and data by ensuring that only authorized individuals or devices can

access them.

Deceptive - refers to something that is intended or likely to mislead or trick

someone. It involves creating a false impression or hiding the truth in order to cause

someone to believe something that is not true. Deceptive actions, words, or

appearances can lead to misunderstandings, mistaken beliefs, or even harm, as they

are designed to manipulate others into accepting a false or inaccurate reality.

Innovation - refers to the process of creating new ideas, products, or methods, or

improving existing ones in a way that brings significant value or solves problems. It

involves thinking creatively and implementing changes that can lead to

advancements in technology, business, science, or other areas of society. Innovation

is not just about inventing something new; it’s also about making improvements that

enhance efficiency, effectiveness, or user experience

Essential - refers to Its most basic, fundamental, or core meaning. It is the primary

idea or concept that something represents, stripped of any extra details or

complexities.

Personal Identification Number (PIN) - is a numerical code used to verify the

identity of an individual in various security processes. PINs are commonly used

in banking, where they protect access to accounts when using ATMs, online

banking, or payment cards. The PIN is usually a short, secret code (often 4 to 6

digits) that is unique to the user and must be entered correctly to authenticate

the user’s identity and grant access to the protected resource or service.

Smishing - is a type of cyber attack where scammers use SMS (text messages)

to deceive individuals into revealing personal information, such as passwords,

credit card numbers, or other sensitive data. The term “smishing” is a

combination of “SMS” (Short Message Service) and “phishing,” which refers to

the broader practice of tricking people into giving up confidential information.

Uniform Resource Locator (URL) - is a specific type of Uniform Resource

Identifier (URI) that provides the address of a resource on the internet.

Essentially, a URL is the “web address” you use to access websites, files, or

other online resources.