Scamming Higher Ed: An Analysis of Phishing Content and Trends

Ethan Morrow
DOI: https://doi.org/10.1016/j.chb.2024.108274
IF: 9.9
2024-04-27
Computers in Human Behavior
Abstract:Universities are frequent targets of cyberattacks. This investigation seeks to explore common phishing techniques targeting institutions of higher education. This study analyzes the content and message features of a sample of 2,300 emails from 2010 to 2023 collected from Cornell's Phish Bowl, including topics, persuasive appeals, emotional appeals, and spelling errors. Using analyses of association and text mining, the work maps out changes in phishing trends over time. One major finding is that security-focused phish have been replaced by those attempting to reflect routine university life, such as job offer scams. Additionally, this study identifies authority and scarcity as common persuasive appeals in phishing attempts and demonstrates a decrease in spelling errors over time. These findings have practical implications for cybersecurity training and awareness. They may also guide future work seeking to determine user susceptibility to phishing by providing insight into frequent attacks.
psychology, multidisciplinary, experimental
What problem does this paper attempt to address?