Youth cyberhygiene on social platforms: from analysis of aitm attacks to models of safe behavior
DOI:
https://doi.org/10.34185/1562-9945-4-165-2026-07Keywords:
social engineering, social networks, cyber hygiene, AiTM (Adversary-in-the-Middle) attack, account takeover, phishing, user vulnerability, digital resilienceAbstract
This article presents a comprehensive study of the risks faced by young people in today’s social media environments. The relevance of the study stems from the rapid development of social engineering methods, which are predominantly based on psychological manipulation. A classification of social networks by user age groups is presented, which has enabled the identification of priority attack vectors for each platform. Based on an empirical survey, critical gaps in young people’s digital literacy have been identified: it was found that a significant proportion of respondents are vulnerable to Adversary-in-the-Middle (AiTM) attacks due to an inability to recognise fake domains, as well as ignoring the absence of data encryption protocols. The mechanics of session token interception and subsequent account takeover have been analysed in detail.
The practical significance of the study lies in the development of a three-tier protection model, which includes system-wide, platform-specific (Telegram, Instagram, TikTok) and network-related (Wi-Fi security) recommendations. The proposed educational and behavioural approach shifts the focus from purely technical protection measures to fostering active digital resilience in users.
References
Sotsmerezhi 2026: vazhlyva statystyka dlia komunikatsii NUO [Social Media 2026: Im-portant Statistics for NGO Communications] (2026). Hromadskyi prostir. Retrieved from https://www.prostir.ua/?kb=sotsmerezhi-2026-vazhlyva-statystyka-dlya-komunikatsij-nuo [in Ukrainian].
Khalil M. (2025). The Human Hack: 2025 Social Engineering Statistics, Trends, and Fu-ture Threats. DeepStrike. Retrieved from https://deepstrike.io/blog/social-engineering-statistics-2025 [in English].
Bullée, JW.H., Montoya, L., Pieters, W. et al. (2015). The persuasion and security aware-ness experiment: reducing the success of social engineering attacks. Journal of Experimental Criminology. Vol. 11, №1. Pp. 97–115. Retrieved from https://doi.org/10.1007/s11292-014-9222-7 [in English].
Groš S. (2024). Social engineering warfare as a tactic of information warfare. European Integration Studies. Vol. 20, №2. Pp. 67–86. Retrieved from https://doi.org/10.46941/2024.2.3 [in English].
Social Engineering. Glossary, Computer Security Resource Center. Information Technol-ogy Laboratory (2025). NIST. Retrieved from https://deepstrike.io/blog/social-engineering-statistics-2025 [in English].
Bondarenko, I. S. (2025). Kontroversiinist kontseptu «sotsialnyi inzhynirynh» v umovakh suspilno-politychnykh potriasin [The controversial nature of the concept of "social engineer-ing" in times of socio-political upheaval]. Vcheni zapysky TNU imeni V. I. Vernadskoho. Se-riia: Filolohiia. Zhurnalistyka. Vol. 36 (75). #1. Part 2. Pp. 293-299. https://doi.org/10.32782/2710-4656/2025.1.2/47 [in Ukrainian].
Polovenko L. P. & Merinova S. V. (2019). Vyiavlennia oznak sotsialnoi inzhenerii ta tekhnolohiia protydii sotsialnym khakeram na pidpryiemstvi [Identifying signs of social engi-neering and technology to counter social hackers in the enterprise]. Pidpryiemnytstvo ta inno-vatsii. №10. Pp. 183-187. https://doi.org/10.37320/2415-3583/10.28 [in Ukrainian].
Pro osnovni zasady zabezpechennia kiberbezpeky Ukrainy: Zakon Ukrainy 05 zhovtnia .2017 roku № 2163-VIII [Law of Ukraine on the Basic Principles of Ensuring Cybersecurity in Ukraine from October 5 2017, № 2163-VIII]. (2017, October 5). Retrieved from https://zakon.rada.gov.ua/laws/show/2163-19#Text [in Ukrainian].
Pro rishennia Rady natsionalnoi bezpeky i oborony Ukrainy vid 14 travnia 2021 roku «Pro Stratehiiu kiberbezpeky Ukrainy» [On the decision of the National Security and Defense Council of Ukraine of May 14, 2021 “On the Cybersecurity Strategy of Ukraine”]: Ukaz Prezydenta Ukrainy vid 26 serpnia 2021 roku № 447/2021. Retrieved from https://zakon.rada.gov.ua/laws/show/447/2021#Text [in Ukrainian].
Downloads
Published
Issue
Section
License
Copyright (c) 2026 System technologies
This work is licensed under a Creative Commons Attribution 4.0 International License.
