Avisha Das,Shahryar Baki,Ayman El Aassal,Rakesh Verma,Arthur Dunbar

DOI: https://doi.org/10.48550/arXiv.1911.00953

2019-11-04

Abstract:Phishing and spear-phishing are typical examples of masquerade attacks since trust is built up through impersonation for the attack to succeed. Given the prevalence of these attacks, considerable research has been conducted on these problems along multiple dimensions. We reexamine the existing research on phishing and spear-phishing from the perspective of the unique needs of the security domain, which we call security challenges: real-time detection, active attacker, dataset quality and base-rate fallacy. We explain these challenges and then survey the existing phishing/spear phishing solutions in their light. This viewpoint consolidates the literature and illuminates several opportunities for improving existing solutions. We organize the existing literature based on detection techniques for different attack vectors (e.g., URLs, websites, emails) along with studies on user awareness. For detection techniques, we examine properties of the dataset, feature extraction, detection algorithms used, and performance evaluation metrics. This work can help guide the development of more effective defenses for phishing, spear-phishing, and email masquerade attacks of the future, as well as provide a framework for a thorough evaluation and comparison.

Cryptography and Security

Cynthia Dhinakaran,Dhinaharan Nagamalai,Jae Kwang Lee

DOI: https://doi.org/10.48550/arXiv.1108.1593

2011-08-08

Abstract:Spam messes up users inbox, consumes resources and spread attacks like DDoS, MiM, phishing etc. Phishing is a byproduct of email and causes financial loss to users and loss of reputation to financial institutions. In this paper we examine the characteristics of phishing and technology used by Phishers. In order to counter anti-phishing technology, phishers change their mode of operation; therefore a continuous evaluation of phishing only helps us combat phisher effectiveness. In our study, we collected seven hundred thousand spam from a corporate server for a period of 13 months from February 2008 to February 2009. From the collected data, we identified different kinds of phishing scams and mode of operation. Our observation shows that phishers are dynamic and depend more on social engineering techniques rather than software vulnerabilities. We believe that this study will develop more efficient anti-phishing methodologies. Based on our analysis, we developed an anti-phishing methodology and implemented in our network. The results show that this approach is highly effective to prevent phishing attacks. The proposed approach reduced more than 80% of the false negatives and more than 95% of phishing attacks in our network.

Cryptography and Security

Wajeb Gharibi

DOI: https://doi.org/10.48550/arXiv.1201.0949

2012-01-05

Abstract:Phishing (password + fishing) is a form of cyber crime based on social engineering and site spoofing techniques. The name of 'phishing' is a conscious misspelling of the word 'fishing' and involves stealing confidential data from a user's computer and subsequently using the data to steal the user's money. In this paper, we study, discuss and propose the phishing attack stages and types, technologies for detection of phishing web pages, and conclude our paper with some important recommendations for preventing phishing for both consumer and company.

Cryptography and Security

B. Issac,R. Chiong,S.M. Jacob

DOI: https://doi.org/10.48550/arXiv.1410.4672

2014-10-17

Abstract:One of the biggest problems with the Internet technology is the unwanted spam emails. The well disguised phishing email comes in as part of the spam and makes its entry into the inbox quite frequently nowadays. While phishing is normally considered a consumer issue, the fraudulent tactics the phishers use are now intimidating the corporate sector as well. In this paper, we analyze the various aspects of phishing attacks and draw on some possible defenses as countermeasures. We initially address the different forms of phishing attacks in theory, and then look at some examples of attacks in practice, along with their common defenses. We also highlight some recent statistical data on phishing scam to project the seriousness of the problem. Finally, some specific phishing countermeasures at both the user level and the organization level are listed, and a multi-layered anti-phishing proposal is presented to round up our studies.

Cryptography and Security

Azhar Ghafoor,,Munam Ali Shah,Bilal Zaka,Muhammad Nawaz,,,

DOI: https://doi.org/10.58245/ipsi.tir.2402.06

2024-07-01

Abstract:Phishing remains a pervasive cybersecurity threat, leveraging social engineering and technological deception to obtain sensitive information and credentials. This research explores novel attack paths employed by sophisticated adversaries, focusing on the identification and analysis of emerging tactics to enhance understanding and awareness of evolving phishing threats. The study uncovers various attack vectors, including the impersonation of reputable entities and the exploitation of legitimate platforms for malicious purposes. Notably, it highlights the increasing prevalence of documentbased and social media-based phishing campaigns, underscoring the adaptability of attackers in exploiting diverse channels to deceive users. Furthermore, the research evaluates the effectiveness of current countermeasures and proposes actionable strategies to mitigate phishing risks for organizations. Recommendations include strengthening email protection measures, implementing robust web filtering systems, and conducting simulated phishing campaigns to enhance employee awareness. By providing insights into emerging attack paths and practical recommendations, this research contributes to the ongoing efforts to combat phishing threats and strengthen cybersecurity resilience. The findings underscore the critical importance of proactive measures and continuous vigilance in safeguarding against evolving cyber threats in today's dynamic digital landscape.

ZHANG Bo,LI Wei-Hua

DOI: https://doi.org/10.3969/j.issn.1002-137x.2006.03.027

2006-01-01

Abstract:The phishing hazard becomes more and more terrible.This paper introduces and analyses the phishing attack behaviors.It adopts the methods of building the attack forest and sorting the attack behaviours and then constitutes the attack model.It presents the anti-phishing theory system and some countermeasure.Furthermore it analyses the phishing attack and defence based on the IPv6.

Marcus Butavicius,Kathryn Parsons,Malcolm Pattinson,Agata McCormac

DOI: https://doi.org/10.48550/arXiv.1606.00887

2016-05-28

Abstract:We examined the influence of three social engineering strategies on users' judgments of how safe it is to click on a link in an email. The three strategies examined were authority, scarcity and social proof, and the emails were either genuine, phishing or spear-phishing. Of the three strategies, the use of authority was the most effective strategy in convincing users that a link in an email was safe. When detecting phishing and spear-phishing emails, users performed the worst when the emails used the authority principle and performed best when social proof was present. Overall, users struggled to distinguish between genuine and spear-phishing emails. Finally, users who were less impulsive in making decisions generally were less likely to judge a link as safe in the fraudulent emails. Implications for education and training are discussed.

Computers and Society,Cryptography and Security

B. B. Gupta,Nalin Asanka Gamagedara Arachchilage,Konstantinos E. Psannis

DOI: https://doi.org/10.48550/arXiv.1705.09819

2017-05-27

Abstract:Internet technology is so pervasive today, for example, from online social networking to online banking, it has made people's lives more comfortable. Due the growth of Internet technology, security threats to systems and networks are relentlessly inventive. One such a serious threat is "phishing", in which, attackers attempt to steal the user's credentials using fake emails or websites or both. It is true that both industry and academia are working hard to develop solutions to combat against phishing threats. It is therefore very important that organisations to pay attention to end-user awareness in phishing threat prevention. Therefore, the aim of our paper is twofold. First, we will discuss the history of phishing attacks and the attackers' motivation in details. Then, we will provide taxonomy of various types of phishing attacks. Second, we will provide taxonomy of various solutions proposed in literature to protect users from phishing based on the attacks identified in our taxonomy. Moreover, we have also discussed impact of phishing attacks in Internet of Things (IoTs). We conclude our paper discussing various issues and challenges that still exist in the literature, which are important to fight against with phishing threats.

Cryptography and Security

Jianyi Zhang,Luo Si,Zhe Gong,Xia Ouyang,Chaohua Wu,Xin Yang

DOI: https://doi.org/10.4156/ijact.vol3.issue9.20

2011-01-01

International Journal of Advancements in Computing Technology

Abstract:The phishing problem has become the most dangerous form of online fraud to hit the Internet business. Many companies, organizations and software vendors have released their proprietary detection systems. This paper surveys these recent state of the art anti-phishing techniques. After analyzing and categorizing these methods, we list the comparison, merits and demerits of every mechanism. And in the last, we discussed the directions of the future anti-phishing systems’ development.

M. Tariq Banday,Jameel A. Qadri

DOI: https://doi.org/10.48550/arXiv.1112.5732

2011-12-24

Abstract:In today's business environment, it is difficult to imagine a workplace without access to the web, yet a variety of email born viruses, spyware, adware, Trojan horses, phishing attacks, directory harvest attacks, DoS attacks, and other threats combine to attack businesses and customers. This paper is an attempt to review phishing - a constantly growing and evolving threat to Internet based commercial transactions. Various phishing approaches that include vishing, spear phishng, pharming, keyloggers, malware, web Trojans, and others will be discussed. This paper also highlights the latest phishing analysis made by Anti-Phishing Working Group (APWG) and Korean Internet Security Center.

Cryptography and Security

Kalam Khadka,Abu Barkat Ullah,Wanli Ma,Elisa Martinez Marroquin

DOI: https://doi.org/10.1109/TrustCom60117.2023.00222

2024-12-24

Abstract:Research shows that phishing emails often utilize persuasion techniques, such as social proof, liking, consistency, authority, scarcity, and reciprocity to gain trust to obtain sensitive information or maliciously infect devices. The link between principles of persuasion and social engineering attacks, particularly in phishing email attacks, is an important topic in cyber security as they are the common and effective method used by cybercriminals to obtain sensitive information or access computer systems. This survey paper concluded that spear phishing, a targeted form of phishing, has been found to be specifically effective as attackers can tailor their messages to the specific characteristics, interests, and vulnerabilities of their targets. Understanding the uses of the principles of persuasion in spear phishing is key to the effective defence against it and eventually its elimination. This survey paper systematically summarizes and presents the current state of the art in understanding the use of principles of persuasion in phishing. Through a systematic review of the existing literature, this survey paper identifies a significant gap in the understanding of the impact of principles of persuasion as a social engineering strategy in phishing attacks and highlights the need for further research in this area.

Cryptography and Security,Computers and Society,Human-Computer Interaction

Anargyros Chrysanthou,Yorgos Pantis,Constantinos Patsakis

DOI: https://doi.org/10.1016/j.cose.2024.103780

IF: 5.105

2024-02-25

Computers & Security

Abstract:In an era dominated by digital interactions, phishing campaigns have evolved to exploit not just technological vulnerabilities but also human traits. This study takes an unprecedented deep dive into large-scale phishing campaigns aimed at Meta's users, offering a dual perspective on the technical mechanics and human elements involved. Analysing data from over 25,000 victims worldwide, we highlight the nuances of these campaigns, from the intricate techniques deployed by the attackers to the sentiments and behaviours of those targeted. Unlike prior research conducted in controlled environments, this investigation capitalises on the vast, diverse, and genuine data extracted directly from active phishing campaigns, allowing for a more holistic understanding of the drivers, facilitators, and human factors. Through applying advanced computational techniques, including natural language processing and machine learning, this work unveils critical insights into the psyche of victims and the evolving tactics of modern phishers. Our analysis illustrates very poor password selection choices from the victims, with 30.27% of them picking low-complexity passwords and 58.23% reusing leaked passwords. Additionally, more than 10% exhibit strong persistence in re-victimisation by posting again to the phishing platforms of the same phishers. Finally, we reveal many correlations regarding demographics and the time periods when victims are more vulnerable during the day, as well as analyse the sentiment, emotion, and tone of text responses that they submitted, illustrating how convinced they were of the scam.

computer science, information systems

Anargyros Chrysanthou,Yorgos Pantis,Constantinos Patsakis

2023-10-05

Abstract:In an era dominated by digital interactions, phishing campaigns have evolved to exploit not just technological vulnerabilities but also human traits. This study takes an unprecedented deep dive into large-scale phishing campaigns aimed at Meta's users, offering a dual perspective on the technical mechanics and human elements involved. Analysing data from over 25,000 victims worldwide, we highlight the nuances of these campaigns, from the intricate techniques deployed by the attackers to the sentiments and behaviours of those who were targeted. Unlike prior research conducted in controlled environments, this investigation capitalises on the vast, diverse, and genuine data extracted directly from active phishing campaigns, allowing for a more holistic understanding of the drivers, facilitators, and human factors. Through the application of advanced computational techniques, including natural language processing and machine learning, this work unveils critical insights into the psyche of victims and the evolving tactics of modern phishers. Our analysis illustrates very poor password selection choices from the victims but also persistence in the revictimisation of a significant part of the users. Finally, we reveal many correlations regarding demographics, timing, sentiment, emotion, and tone of the victims' responses.

Cryptography and Security

Mario Ciprian Birlea

DOI: https://doi.org/10.48550/arXiv.2004.01556

2020-04-01

Abstract:This paper aims to provide an understanding of what a phishing attack is, the types of phishing attacks and methods employed by cyber criminals. This journal will also provide an understanding on where phishing attacks are carried via various technologies and provide an understanding of working actively to detect and proactively to prevent. As we are continuously developing the technology the chance of cyber-attacks will proportionally increase. Consequently, this paper will help the readers understand what studies have been conducted, analyzed and results provided pinpointed the essence of phishing attacks.

Cryptography and Security

Jingguo Wang,Rui Chen,Tejaswini Herath,H. Raghav Rao

2009-01-01

Abstract:Phishing is a growing phenomenon, which has not Only Caused billions in losses, but also has eroded consumer confidence in online transactions. To develop effective countermeasures, we need to understand how phishing e-mails exploit human vulnerabilities. We develop a framework to explore phishing from the perspective of victims. The framework helps understand different features that are utilized by phishers in designing e-mails and websites. We further explore the design patterns of phishing attacks. We collect 195 phishing records from the antiphishing work group website. Using content analysis and two-step cluster analysis, we examine those attacks for the presence of design features identified through our framework. We find that phishing attacks in different time periods present different characteristics, and the quality of phishing attacks have advanced consistently over time. Finally, on the basis of the location of the phishing hosts, we group the phishing attacks into four groups: USA, Asia, Europe, and South America. We find interesting patterns among the phishing attacks worldwide and pinpoint the major similarities and differences.

Aanchal Jain,Vineet Richariya

DOI: https://doi.org/10.48550/arXiv.1110.0360

2011-10-03

Abstract:Phishing is the combination of social engineering and technical exploits designed to convince a victim to provide personal information, usually for the monetary gain of the attacker. Phishing has become the most popular practice among the criminals of the Web. Phishing attacks are becoming more frequent and sophisticated. The impact of phishing is drastic and significant since it can involve the risk of identity theft and financial losses. Phishing scams have become a problem for online banking and e-commerce users. In this paper we propose a novel approach to detect phishing attacks. We implemented a prototype web browser which can be used as an agent and processes each arriving email for phishing attacks. Using email data collected over a period time we demonstrate data that our approach is able to detect more phishing attacks than existing schemes.

Cryptography and Security

Sijie Zhuo,Robert Biddle,Yun Sing Koh,Danielle Lottridge,Giovanni Russello

DOI: https://doi.org/10.48550/arXiv.2202.07905

2022-02-16

Abstract:Phishing is recognised as a serious threat to organisations and individuals. While there have been significant technical advances in blocking phishing attacks, people remain the last line of defence after phishing emails reach their email client. Most of the existing literature on this subject has focused on the technical aspects related to phishing. However, the factors that cause humans to be susceptible to phishing attacks are still not well-understood. To fill this gap, we reviewed the available literature and we propose a three-stage Phishing Susceptibility Model (PSM) for explaining how humans are involved in phishing detection and prevention, and we systematically investigate the phishing susceptibility variables studied in the literature and taxonomize them using our model. This model reveals several research gaps that need to be addressed to improve users' detection performance. We also propose a practical impact assessment of the value of studying the phishing susceptibility variables, and quality of evidence criteria. These can serve as guidelines for future research to improve experiment design, result quality, and increase the reliability and generalizability of findings.

Cryptography and Security,Computers and Society,Human-Computer Interaction

Gianluca Stringhini,Olivier Thonnard

DOI: https://doi.org/10.48550/arXiv.1410.6629

2014-10-24

Abstract:One of the ways in which attackers try to steal sensitive information from corporations is by sending spearphishing emails. This type of emails typically appear to be sent by one of the victim's coworkers, but have instead been crafted by an attacker. A particularly insidious type of spearphishing emails are the ones that do not only claim to come from a trusted party, but were actually sent from that party's legitimate email account that was compromised in the first place. In this paper, we propose a radical change of focus in the techniques used for detecting such malicious emails: instead of looking for particular features that are indicative of attack emails, we look for possible indicators of impersonation of the legitimate owners. We present IdentityMailer, a system that validates the authorship of emails by learning the typical email-sending behavior of users over time, and comparing any subsequent email sent from their accounts against this model. Our experiments on real world e-mail datasets demonstrate that our system can effectively block advanced email attacks sent from genuine email accounts, which traditional protection systems are unable to detect. Moreover, we show that it is resilient to an attacker willing to evade the system. To the best of our knowledge, IdentityMailer is the first system able to identify spearphishing emails that are sent from within an organization, by a skilled attacker having access to a compromised email account.

Cryptography and Security

Marc Rader,Shawon Rahman

DOI: https://doi.org/10.5121/ijnsa.2013.5402

2015-12-01

Abstract:Organizations invest heavily in technical controls for their Information Assurance (IA) infrastructure. These technical controls mitigate and reduce the risk of damage caused by outsider attacks. Most organizations rely on training to mitigate and reduce risk of non-technical attacks such as social engineering. Organizations lump IA training into small modules that personnel typically rush through because the training programs lack enough depth and creativity to keep a trainee engaged. The key to retaining knowledge is making the information memorable. This paper describes common and emerging attack vectors and how to lower and mitigate the associated risks.

Cryptography and Security,Computers and Society

Tejveer Singh,Manoj Kumar,Santosh Kumar

DOI: https://doi.org/10.1016/j.compeleceng.2024.109374

IF: 4.152

2024-06-20

Computers & Electrical Engineering

Abstract:Phishing has emerged as a significant cyber threat, resulting in huge financial frauds for internet users annually. This malicious activity uses social engineering and upgraded methodologies (like file archiver in the browser, content injection, calendar phishing, more convincing fake websites or emails, voice manipulation, or other tools designed to deceive and exploit the target's confidence) to extract sensitive information from unsuspected victims. In order to mitigate these attacks, several methods and tools have been devised; various detection techniques and block phishing websites, and browser extensions that notify users about suspicious websites. Our work elaborates on meticulous analysis of the detection of phishing attacks by classifying them into four broader categories based on the adopted methodologies like List-Based Detection, Heuristic-Based Detection, machine learning (ML)-based, and deep learning (DL)-based. Additionally, it summarizes the popular devised schemes, highlighting their advantages and limitations, and how these are suitable for the different types of deployments.

engineering, electrical & electronic,computer science, interdisciplinary applications, hardware & architecture