In this observational quasi-experimental study, we recruited 200 participants during the Federal University of Petroleum Resources Effurun’s (FUPRE) orientation, who were exposed to socially engineered (phishing) attacks over nine months. Attacks sought to extract participants’ data and/or entice them to click (compromised) links. The study aims to determine phishing exposure and risks among undergraduates in FUPRE (Nigeria) by observing their responses to socially-engineered attacks and exploring their attitudes to cybercrime risks before and after phishing attacks. The study primed all students in place of cybercrime awareness to remain vigilant to scams and explored the various scam types with their influence on gender, age, status, and their perceived safety on susceptibility to scams. Results show that contrary to public beliefs, these factors have all been found to be associated with scam susceptibility and vulnerability of the participants.

Federal University of Petroleum Resources Effurun’s; online presence; personality traits; phishing vulnerability; social media contents; socially-engineered attacks;