This document presents a theoretical model for evaluating phishing attacks based on the indistinguishability of natural and phishing message distributions. The model views a phishing attack as an attempt to generate messages that are indistinguishable from normal messages. It captures a phishing attack in terms of the statistical distance between the natural and phishing message probability distributions. The model also proposes metrics to analyze the success probability of phishing attacks and distinguisher algorithms. Finally, it discusses a new class of collaborative spear phishing attacks enabled by data breaches at large companies.
Case Study On Social Engineering Techniques for Persuasion Full Text graphhoc
This document discusses case studies on using social engineering techniques to spread spyware on Linux systems. In three case studies, the authors were able to use social engineering to successfully install a spyware program on Linux systems 100% of the time by exploiting users' interests and trust. The document advocates for user education as the best prevention against social engineering attacks, as software defenses cannot prevent attacks targeting human psychology.
EXPLORING HISTORICAL AND EMERGING PHISHING TECHNIQUES AND MITIGATING THE ASSO...IJNSA Journal
This document summarizes common and emerging phishing techniques and methods to mitigate associated security risks. It begins with a brief history of phishing, including early phishing scams targeting AOL users in the 1990s. It then describes classic phishing attack vectors such as social engineering techniques that exploit human curiosity, fear, and empathy. One such classic technique is distributing malware via email attachments or links that appear to be gifts or prizes but instead install Trojan horse programs on victims' computers. The document aims to educate about phishing risks and prevention.
A Biggest Threat to India – Cyber Terrorism and CrimeQUESTJOURNAL
This document summarizes a research paper on cyber terrorism and cyber crime in India. It defines cyber terrorism and cyber crime, describing common methods of attack like hacking, viruses, and emails. It discusses how India's increased use of information technology in sectors like banking and government has made it vulnerable to cyber attacks from terrorist groups. Key points addressed are the lack of cyber security awareness in India, the need for stronger cyber laws and international cooperation, and recommendations to better protect India's networks through training, investment, and policy changes.
Social Engineering-The Underpinning of Unauthorized AccessKory Edwards
This document discusses social engineering and how it enables unauthorized access. Social engineering relies on exploiting human tendencies rather than technical vulnerabilities. The document explores how Edward Snowden used social engineering to gain access to NSA systems by persuading coworkers to provide their credentials. It examines why information security programs fail to prevent social engineering, despite training, due to human factors like lack of motivation. Common social engineering attack types are discussed, including insider threats, external threats, and the tactics used like appealing to human tendencies like authority, scarcity, and liking. The document argues a new approach is needed that incorporates social intelligence concepts to make employees less susceptible to social engineering.
Cyber Threat to Public Safety CommunicationsKory Edwards
This document discusses cyber threats to public safety communications systems. It begins by describing how communications broke down for first responders during the 9/11 attacks due to overloaded cell networks and damaged radio systems. Since then, improvements have focused on redundancy and interoperability through increased connectivity, but this also introduces more vulnerabilities. The document outlines several cyberattacks against 911 call centers and public safety networks in recent years. It identifies the most attractive targets as the public's access to 911 and single points of failure in interconnected systems. The main security challenges are complacency about risks and limited budgets to address vulnerabilities.
Dealing with the threat of spoof and phishing mail attacks part 6#9 | Eyal ...Eyal Doron
In the following article, we will review the solution and the methods that we can use for dealing with the threat of – Phishing mail attacks and his derivative Spoof mail attack.
Exploring the Psychological Mechanisms used in Ransomware Splash ScreensJeremiah Grossman
The present study examined a selection of 76 ransomware splash screens collected from a variety of sources. These splash screens were analysed according to surface information, including aspects of visual appearance, the use of language, cultural icons, payment and payment types. The results from the current study showed that, whilst there was a wide variation in the construction of ransomware splash screens, there was a good degree of commonality, particularly in terms of the structure and use of key aspects of social engineering used to elicit payment from the victims. There was the emergence of a sub-set of ransomware that, in the context of this report, was termed ‘Cuckoo’ ransomware. This type of attack often purported to be from an official source requesting payment for alleged transgressions.
Case Study On Social Engineering Techniques for Persuasion Full Text graphhoc
This document discusses case studies on using social engineering techniques to spread spyware on Linux systems. In three case studies, the authors were able to use social engineering to successfully install a spyware program on Linux systems 100% of the time by exploiting users' interests and trust. The document advocates for user education as the best prevention against social engineering attacks, as software defenses cannot prevent attacks targeting human psychology.
EXPLORING HISTORICAL AND EMERGING PHISHING TECHNIQUES AND MITIGATING THE ASSO...IJNSA Journal
This document summarizes common and emerging phishing techniques and methods to mitigate associated security risks. It begins with a brief history of phishing, including early phishing scams targeting AOL users in the 1990s. It then describes classic phishing attack vectors such as social engineering techniques that exploit human curiosity, fear, and empathy. One such classic technique is distributing malware via email attachments or links that appear to be gifts or prizes but instead install Trojan horse programs on victims' computers. The document aims to educate about phishing risks and prevention.
A Biggest Threat to India – Cyber Terrorism and CrimeQUESTJOURNAL
This document summarizes a research paper on cyber terrorism and cyber crime in India. It defines cyber terrorism and cyber crime, describing common methods of attack like hacking, viruses, and emails. It discusses how India's increased use of information technology in sectors like banking and government has made it vulnerable to cyber attacks from terrorist groups. Key points addressed are the lack of cyber security awareness in India, the need for stronger cyber laws and international cooperation, and recommendations to better protect India's networks through training, investment, and policy changes.
Social Engineering-The Underpinning of Unauthorized AccessKory Edwards
This document discusses social engineering and how it enables unauthorized access. Social engineering relies on exploiting human tendencies rather than technical vulnerabilities. The document explores how Edward Snowden used social engineering to gain access to NSA systems by persuading coworkers to provide their credentials. It examines why information security programs fail to prevent social engineering, despite training, due to human factors like lack of motivation. Common social engineering attack types are discussed, including insider threats, external threats, and the tactics used like appealing to human tendencies like authority, scarcity, and liking. The document argues a new approach is needed that incorporates social intelligence concepts to make employees less susceptible to social engineering.
Cyber Threat to Public Safety CommunicationsKory Edwards
This document discusses cyber threats to public safety communications systems. It begins by describing how communications broke down for first responders during the 9/11 attacks due to overloaded cell networks and damaged radio systems. Since then, improvements have focused on redundancy and interoperability through increased connectivity, but this also introduces more vulnerabilities. The document outlines several cyberattacks against 911 call centers and public safety networks in recent years. It identifies the most attractive targets as the public's access to 911 and single points of failure in interconnected systems. The main security challenges are complacency about risks and limited budgets to address vulnerabilities.
Dealing with the threat of spoof and phishing mail attacks part 6#9 | Eyal ...Eyal Doron
In the following article, we will review the solution and the methods that we can use for dealing with the threat of – Phishing mail attacks and his derivative Spoof mail attack.
Exploring the Psychological Mechanisms used in Ransomware Splash ScreensJeremiah Grossman
The present study examined a selection of 76 ransomware splash screens collected from a variety of sources. These splash screens were analysed according to surface information, including aspects of visual appearance, the use of language, cultural icons, payment and payment types. The results from the current study showed that, whilst there was a wide variation in the construction of ransomware splash screens, there was a good degree of commonality, particularly in terms of the structure and use of key aspects of social engineering used to elicit payment from the victims. There was the emergence of a sub-set of ransomware that, in the context of this report, was termed ‘Cuckoo’ ransomware. This type of attack often purported to be from an official source requesting payment for alleged transgressions.
The document discusses how customer involvement is crucial to defending against phishing attacks. While technology plays a role, phishing relies on tricking users into taking actions. The most effective solutions are regularly educating customers on identifying phishing techniques and conducting "ethical phishing" tests to modify customer behavior over time. By maintaining awareness and vigilance through ongoing training, organizations can significantly reduce the success of phishing scams.
What are the possible damages of phishing and spoofing mail attacks part 2#...Eyal Doron
We are living in a dangerous world that produces many types of threats and risks to our organizational mail infrastructure, to our users and to us.
In the current article, I would like to review some of the possible damages that we can experience in a scenario, in which Spoof or Phishing mail attacks are realized.
http://o365info.com/what-is-the-possible-damages-of-phishing-spoofing-mail-attacks-part-2-of-9/
Automatic Detection of Social Engineering Attacks Using Dialogiosrjce
IOSR Journal of Computer Engineering (IOSR-JCE) is a double blind peer reviewed International Journal that provides rapid publication (within a month) of articles in all areas of computer engineering and its applications. The journal welcomes publications of high quality papers on theoretical developments and practical applications in computer technology. Original research papers, state-of-the-art reviews, and high quality technical notes are invited for publications.
SQL Vulnerability Prevention in Cybercrime using Dynamic Evaluation of Shell and Remote File Injection Attacks R. Ravi,
Department of Computer Science & Engineering,
Francis Xavier Engineering College, Tamil Nadu, India
Dr. Beulah Shekhar,
Department of Criminology,
Manonmanium Sundaranar University, Tamil Nadu, India
A Novel Approach for Phishing Emails Real Time Classification Using K-Means A...IJECEIAES
This document summarizes a novel approach for real-time classification of phishing emails using the K-means clustering algorithm. The authors used 160 emails from computer engineering students from the previous year. They achieved true positive rates of 67% for legitimate emails and 80% for phishing emails, and true negative rates of 30% and 20%, respectively. The high accuracy rates show that K-means clustering is effective for classifying phishing emails in real time. The authors then categorized the reasons for incorrect classifications into three groups: the look and feel of the email, the email's technical parameters, and the email's structure.
1. The document discusses phishing attacks, which involve tricking users into providing private information through fraudulent emails or websites.
2. Phishing attacks are classified into two categories: social engineering attacks, which use psychological tricks, and malware-based attacks, which install harmful software.
3. More recent phishing scams activate positive feelings like hope and gratitude through appealing to emotions and incorporating elements of social networks, which makes the scams more effective at gaining user trust and spreading widely.
This document provides an overview of cyber threats and recommendations for building a career in cyber security. It identifies major cyber threats for 2016 such as ransomware, attacks on critical infrastructure and payment systems, vulnerabilities in applications like Adobe Flash, and threats to emerging technologies like automobiles and wearables. It also provides tips for exploring a career in cyber security, including starting with general IT jobs and skills, gaining practical experience through self-directed learning and certifications, and developing specialized technical skills.
Internet Security Threat Report 2014 :: Volume 19 Appendices - The hardcore n...Symantec
Internet Security Threat Report 2014 :: Volume 19 :: Appendices
Hardcore data from Symantec’s Internet Security Threat Report.
Real number crunching on Threat Malicious Code, Fraud & Vulnerability trends including
Threat Activity Trends
• Malicious Activity by Source
• Malicious Web-Based Attack Prevalence
• Analysis of Malicious Web Activity by Attack Toolkits
• Analysis of Web-Based Spyware, Adware, and Potentially Unwanted Programs
• Analysis of Web Policy Risks from Inappropriate Use
• Analysis of Website Categories Exploited to Deliver Malicious Code
• Bot-Infected Computers
• Analysis of Mobile Threats
• Quantified Self – A Path to Self-Enlightenment or Just Another Security Nightmare?
• Data Breaches that could lead to Identity Theft
• Threat of the Insider
• Gaming Attacks
• The New Black Market
Malicious Code Trends
• Top Malicious Code Families
• Analysis of Malicious Code Activity by Geography, Industry Sector, and Company Size
• Propagation Mechanisms
• Email-Targeted Spear-Phishing Attacks Intelligence
Spam and Fraud Activity Trends
• Analysis of Spam Activity Trends
• Analysis of Spam Activity by Geography, Industry Sector, and Company Size
• Analysis of Spam Delivered by Botnets
• Significant Spam Tactics
• Analysis of Spam by Categorization
• Phishing Activity Trends
• Analysis of Phishing Activity by Geography, Industry Sector, and Company Size
• New Spam Trend: BGP Hijacking
Vulnerability Trends
• Total Number of Vulnerabilities
• Zero-Day Vulnerabilities
• Web Browser Vulnerabilities
• Web Browser Plug-in Vulnerabilities
• Web Attack Toolkits SCADA Vulnerabilities
Insider Attacks: Theft of Intellectual and Proprietary DataLindsey Landolfi
The document summarizes insider threats and data theft by employees or contractors. It discusses how insiders pose a major security risk as they have legitimate access to internal networks and data. Several case studies are presented that resulted in large losses of sensitive data and intellectual property. Common motives for insider theft include financial gain, business advantage for a new employer, and espionage. The document also outlines various technical methods insiders could use to steal data, such as installing malware, exploiting system vulnerabilities, and physically copying files. Strong access controls, monitoring of employee behavior, and encryption of sensitive data are recommended to mitigate risks from malicious insiders.
How Safe is Governmental Infrastructure: A Cyber Extortion and Increasing Ransomware Attacks Perspective (pp. 79-82)
Sulaiman Al Amro, Computer Science Department, Computer College, Qassim University, Qassim, Saudi Arabia.
Vol. 18 No. 6 JUNE 2020 International Journal of Computer Science and Information Security
https://sites.google.com/site/ijcsis/vol-18-no-6-jun-2020
In this article we will be the focusing on all the aspects of Phishing attacks including the technological advancements, exploitation, post exploitation techniques and the countermeasures techniques against Advanced Phishing” The Art of Stealing” .
We will also learn about payloads , Web Application attacks and Network Attacks and how they contribute to advanced phishing attacks.
Hello dr. aguiar and classmates,for this week’s forum we were assimba35
The document discusses three potential capstone project topics related to security management. Topic 1 examines the positive and negative effects of implementing Crime Prevention Through Environmental Design (CPTED) at public schools. Topic 2 focuses on the essential need for U.S. maritime port security and the importance of compatibility between private and government security functions. Topic 3 addresses the required need for adequate training of private security professionals and how integrated training with law enforcement could advance security.
Concept of threats and threat environmentUyoyo Edosio
The document discusses different types of hackers and methods for preventing hacking attacks. It describes script kiddies, white hat hackers, black hat hackers, and grey hat hackers based on their skills, motives, and ethics. The most dangerous threats are considered to be advanced persistent threats (APT) conducted by nation-states, while insider threats and malware attacks are also significant but less financially impactful. The document recommends implementing intrusion prevention systems, user education, antivirus software, log reviews, and access controls to help prevent hacking and security breaches.
Instructions please write a 5 page paper answering the question consimba35
Stuxnet was a sophisticated computer virus that targeted Iran's nuclear program in 2010. It exploited vulnerabilities in Windows and industrial control systems to damage nuclear centrifuges at Natanz. Stuxnet demonstrated the destructive potential of cyberweapons and marked the emergence of cyberwarfare. The document discusses Stuxnet's technical details and impact, and poses questions about preventing future cyberattacks of this nature.
Cyberthreats broke new ground with mobile devices, while reaching deeper into social media. Online criminals also stepped up attacks via email, web and other traditional vectors.
This document provides packing tips for a trip to the Great Barrier Reef in Australia. It recommends bringing a bright colored bikini for underwater photos, a reusable shopping tote bag since zippered bags are prohibited on cruise ships, and strong sun protection like rashguards and hats due to Australia's ozone layer. It also suggests a compact travel towel, multi-purpose dresses to save space, and flip flops for easy on/off between water activities.
This document outlines a company's customer inquiry and vendor ranking system. Customer requirements are forwarded to a support team, who then distributes the inquiries to vendors based on their membership package and package renewal date. Inquiries go first to Gold members, then Silver, Bronze, Verified, and Free members at 15 minute intervals. The document also promotes various membership upgrade and advertising packages that vendors can purchase for increased visibility and lead opportunities.
The document discusses how customer involvement is crucial to defending against phishing attacks. While technology plays a role, phishing relies on tricking users into taking actions. The most effective solutions are regularly educating customers on identifying phishing techniques and conducting "ethical phishing" tests to modify customer behavior over time. By maintaining awareness and vigilance through ongoing training, organizations can significantly reduce the success of phishing scams.
What are the possible damages of phishing and spoofing mail attacks part 2#...Eyal Doron
We are living in a dangerous world that produces many types of threats and risks to our organizational mail infrastructure, to our users and to us.
In the current article, I would like to review some of the possible damages that we can experience in a scenario, in which Spoof or Phishing mail attacks are realized.
http://o365info.com/what-is-the-possible-damages-of-phishing-spoofing-mail-attacks-part-2-of-9/
Automatic Detection of Social Engineering Attacks Using Dialogiosrjce
IOSR Journal of Computer Engineering (IOSR-JCE) is a double blind peer reviewed International Journal that provides rapid publication (within a month) of articles in all areas of computer engineering and its applications. The journal welcomes publications of high quality papers on theoretical developments and practical applications in computer technology. Original research papers, state-of-the-art reviews, and high quality technical notes are invited for publications.
SQL Vulnerability Prevention in Cybercrime using Dynamic Evaluation of Shell and Remote File Injection Attacks R. Ravi,
Department of Computer Science & Engineering,
Francis Xavier Engineering College, Tamil Nadu, India
Dr. Beulah Shekhar,
Department of Criminology,
Manonmanium Sundaranar University, Tamil Nadu, India
A Novel Approach for Phishing Emails Real Time Classification Using K-Means A...IJECEIAES
This document summarizes a novel approach for real-time classification of phishing emails using the K-means clustering algorithm. The authors used 160 emails from computer engineering students from the previous year. They achieved true positive rates of 67% for legitimate emails and 80% for phishing emails, and true negative rates of 30% and 20%, respectively. The high accuracy rates show that K-means clustering is effective for classifying phishing emails in real time. The authors then categorized the reasons for incorrect classifications into three groups: the look and feel of the email, the email's technical parameters, and the email's structure.
1. The document discusses phishing attacks, which involve tricking users into providing private information through fraudulent emails or websites.
2. Phishing attacks are classified into two categories: social engineering attacks, which use psychological tricks, and malware-based attacks, which install harmful software.
3. More recent phishing scams activate positive feelings like hope and gratitude through appealing to emotions and incorporating elements of social networks, which makes the scams more effective at gaining user trust and spreading widely.
This document provides an overview of cyber threats and recommendations for building a career in cyber security. It identifies major cyber threats for 2016 such as ransomware, attacks on critical infrastructure and payment systems, vulnerabilities in applications like Adobe Flash, and threats to emerging technologies like automobiles and wearables. It also provides tips for exploring a career in cyber security, including starting with general IT jobs and skills, gaining practical experience through self-directed learning and certifications, and developing specialized technical skills.
Internet Security Threat Report 2014 :: Volume 19 Appendices - The hardcore n...Symantec
Internet Security Threat Report 2014 :: Volume 19 :: Appendices
Hardcore data from Symantec’s Internet Security Threat Report.
Real number crunching on Threat Malicious Code, Fraud & Vulnerability trends including
Threat Activity Trends
• Malicious Activity by Source
• Malicious Web-Based Attack Prevalence
• Analysis of Malicious Web Activity by Attack Toolkits
• Analysis of Web-Based Spyware, Adware, and Potentially Unwanted Programs
• Analysis of Web Policy Risks from Inappropriate Use
• Analysis of Website Categories Exploited to Deliver Malicious Code
• Bot-Infected Computers
• Analysis of Mobile Threats
• Quantified Self – A Path to Self-Enlightenment or Just Another Security Nightmare?
• Data Breaches that could lead to Identity Theft
• Threat of the Insider
• Gaming Attacks
• The New Black Market
Malicious Code Trends
• Top Malicious Code Families
• Analysis of Malicious Code Activity by Geography, Industry Sector, and Company Size
• Propagation Mechanisms
• Email-Targeted Spear-Phishing Attacks Intelligence
Spam and Fraud Activity Trends
• Analysis of Spam Activity Trends
• Analysis of Spam Activity by Geography, Industry Sector, and Company Size
• Analysis of Spam Delivered by Botnets
• Significant Spam Tactics
• Analysis of Spam by Categorization
• Phishing Activity Trends
• Analysis of Phishing Activity by Geography, Industry Sector, and Company Size
• New Spam Trend: BGP Hijacking
Vulnerability Trends
• Total Number of Vulnerabilities
• Zero-Day Vulnerabilities
• Web Browser Vulnerabilities
• Web Browser Plug-in Vulnerabilities
• Web Attack Toolkits SCADA Vulnerabilities
Insider Attacks: Theft of Intellectual and Proprietary DataLindsey Landolfi
The document summarizes insider threats and data theft by employees or contractors. It discusses how insiders pose a major security risk as they have legitimate access to internal networks and data. Several case studies are presented that resulted in large losses of sensitive data and intellectual property. Common motives for insider theft include financial gain, business advantage for a new employer, and espionage. The document also outlines various technical methods insiders could use to steal data, such as installing malware, exploiting system vulnerabilities, and physically copying files. Strong access controls, monitoring of employee behavior, and encryption of sensitive data are recommended to mitigate risks from malicious insiders.
How Safe is Governmental Infrastructure: A Cyber Extortion and Increasing Ransomware Attacks Perspective (pp. 79-82)
Sulaiman Al Amro, Computer Science Department, Computer College, Qassim University, Qassim, Saudi Arabia.
Vol. 18 No. 6 JUNE 2020 International Journal of Computer Science and Information Security
https://sites.google.com/site/ijcsis/vol-18-no-6-jun-2020
In this article we will be the focusing on all the aspects of Phishing attacks including the technological advancements, exploitation, post exploitation techniques and the countermeasures techniques against Advanced Phishing” The Art of Stealing” .
We will also learn about payloads , Web Application attacks and Network Attacks and how they contribute to advanced phishing attacks.
Hello dr. aguiar and classmates,for this week’s forum we were assimba35
The document discusses three potential capstone project topics related to security management. Topic 1 examines the positive and negative effects of implementing Crime Prevention Through Environmental Design (CPTED) at public schools. Topic 2 focuses on the essential need for U.S. maritime port security and the importance of compatibility between private and government security functions. Topic 3 addresses the required need for adequate training of private security professionals and how integrated training with law enforcement could advance security.
Concept of threats and threat environmentUyoyo Edosio
The document discusses different types of hackers and methods for preventing hacking attacks. It describes script kiddies, white hat hackers, black hat hackers, and grey hat hackers based on their skills, motives, and ethics. The most dangerous threats are considered to be advanced persistent threats (APT) conducted by nation-states, while insider threats and malware attacks are also significant but less financially impactful. The document recommends implementing intrusion prevention systems, user education, antivirus software, log reviews, and access controls to help prevent hacking and security breaches.
Instructions please write a 5 page paper answering the question consimba35
Stuxnet was a sophisticated computer virus that targeted Iran's nuclear program in 2010. It exploited vulnerabilities in Windows and industrial control systems to damage nuclear centrifuges at Natanz. Stuxnet demonstrated the destructive potential of cyberweapons and marked the emergence of cyberwarfare. The document discusses Stuxnet's technical details and impact, and poses questions about preventing future cyberattacks of this nature.
Cyberthreats broke new ground with mobile devices, while reaching deeper into social media. Online criminals also stepped up attacks via email, web and other traditional vectors.
This document provides packing tips for a trip to the Great Barrier Reef in Australia. It recommends bringing a bright colored bikini for underwater photos, a reusable shopping tote bag since zippered bags are prohibited on cruise ships, and strong sun protection like rashguards and hats due to Australia's ozone layer. It also suggests a compact travel towel, multi-purpose dresses to save space, and flip flops for easy on/off between water activities.
This document outlines a company's customer inquiry and vendor ranking system. Customer requirements are forwarded to a support team, who then distributes the inquiries to vendors based on their membership package and package renewal date. Inquiries go first to Gold members, then Silver, Bronze, Verified, and Free members at 15 minute intervals. The document also promotes various membership upgrade and advertising packages that vendors can purchase for increased visibility and lead opportunities.
Este documento presenta los objetivos, fortalezas y oportunidades de Laura Camila Nievez Rincón. Su visión es tener a Dios en sus planes y agradecer a su familia por su apoyo. Sus metas incluyen ser una profesional, el orgullo de su familia e independizarse. Entre sus fortalezas se encuentran ser responsable, adquirir conocimientos nuevos y rodearse de buenas personas. Las oportunidades incluyen el apoyo de su familia y adquirir conocimientos a través de sus estudios.
INFOGRAPHIC: The toxic materials inside mobile phones and health implicationsSami Colenutt
Infographic showing the toxic materials inside mobile phones and the health implications they could potentially have on humans. This was put together by the team at CompareMyMobile, the leading mobile phone recycling comparison site, who aim to spread knowledge on why recycling mobile phones is so vital - both for the environment and human health. Check out the infographic for more information, and don't hesitate to get in touch for extra details or quotes.
Este documento proporciona instrucciones para construir una trampa casera para ratones utilizando materiales comunes como una caja de cartón, cuerda, piedra, vaso y comida envenenada. La trampa funciona colocando la comida dentro de la caja inclinada y sostenida por un palo. Un vaso con tierra y agua está unido a la caja por una varilla, con una piedra colgando por una cuerda. Cuando el ratón come la comida, jala una pelota que hace caer la caja sobre él y deja
The Role of Three Dimensional Virtual Environments in the Development of Pers...Aggeliki Nikolaou
The document discusses the role of three dimensional virtual environments (3DVEs) like Second Life in developing personal learning networks (PLNs). It defines PLNs as informal networks of people that aim to learn from and contribute to each other's learning. The document presents research on how participation in groups within Second Life supports the creation and development of PLNs by providing networking opportunities, overcoming geographical barriers, and facilitating collaboration and resource sharing. It analyzes data that show how 3DVE group activities like discussions, skill-building tutorials, lectures, and social events help diffuse innovation and allow members to construct knowledge through their dynamic learning network.
V.A.S.E - Virtual Art School ExhibitionLia Terzidou
Μια πρόταση αξιοποίησης των 3D εικονικών κόσμων στην εκπαιδευτική διαδικασία που παρουσιάστηκε στην ημερίδα "Καινοτόμων Διδακτικών Πρακτικών στην Εκπαίδευση".
Η Εικονική Έκθεση Ψηφιακών έργων υλοποιήθηκε στο περιβάλλον του OpenSim και ταυτόχρονα αποτελεί ένα παράδειγμα χρήσης των Web 2.0 εργαλείων στην εκπαίδευση.
El documento resume varias reglas gramaticales sobre el uso de plurales, artículos indefinidos, y pronombres demostrativos en inglés. Explica que la mayoría de sustantivos toman -s para formar el plural, a excepción de los que terminan en -s, -sh, -ch, -x o -o. También cubre las formas irregulares como man/men y child/children. Luego, describe el uso de this, that, these y those dependiendo de si se refieren a nombres singulares o plurales. Finalmente, resume las diferencias entre a/an
This document lists 9 newspaper names, with Rajasthan Patrika appearing 3 times, Dainik Bhaskar appearing twice, and Daily News, Hindustan Times, Times of India each appearing once. The majority of the newspapers listed are Indian publications.
Contemporary Cyber Security Social Engineering Solutions, Measures, Policies,...CSCJournals
This document summarizes a research paper that conducted a critical review of contemporary social engineering solutions, measures, policies, tools, and applications. Through a systematic review of recent studies, the analysis identified that providing training for employees to understand social engineering risks and how to avoid attacks is important for protection. Key measures identified include awareness programs, training non-technical staff, implementing new security networks and protocols, and using software to address social engineering threats. The review examined 30 studies on measures, policies and tools adopted by organizations and found that education, training, and awareness programs are effective at enhancing employee behavior and defenses against social engineering.
A COMPREHENSIVE SURVEY OF PHISHING ATTACKS AND DEFENCES: HUMAN FACTORS, TRAIN...IJNSA Journal
This document provides a comprehensive literature review on phishing attacks and defenses with a focus on the human and emotional factors that contribute to phishing victimization. It defines phishing and provides an overview of common phishing types identified by researchers and security organizations. It also compares different training approaches and recommendations from studies and organizations for avoiding phishing attacks, highlighting the importance of education, awareness training, and developing strategies to promote mindfulness when evaluating online messages and links.
All About Phishing Exploring User Research Through A Systematic Literature R...Gina Rizzo
This document summarizes a systematic literature review of 51 academic papers that studied users and phishing attacks. The review found that while over 367 papers were published on phishing starting in 2004 in the ACM Digital Library, only 13.9% (51 papers) included user studies using methods like interviews, surveys, or lab studies. Within these 51 papers, there was a lack of reporting important methodological details like participant numbers and characteristics. The review also noted potential recruitment biases in some of the studies. The document provides background on common phishing techniques and debates the importance of understanding users to prevent successful phishing attacks.
PHISHING ATTACKS PROPOSAL 6
Phishing Attacks Proposal
Introduction and Problem Statement
Over the past years, one of the most challenging crimes that have been a serious threat to the internet security of all computer users has been identity theft. This is a lucrative crime whose roots spread across the world and are perpetrated by different individuals using sophisticated technology. Identity theft entails the act of stealing as well as utilizing the identity information of another person to commit crimes such as steal money, crucial personal information, or even destroy confidential data and information (Psannis & Gamagedara, 2017). One of the techniques that have been used to perpetrate identity theft is a phishing attack. A phishing attack refers to a type of crime associated with social engineering whose emergence, occurrence, and advancements are proving to be an enormous challenge for both key industry players as well as academic researchers (Lyashenko, 2015).
The main aim of carrying out phishing attacks is to steal crucial information that is sensitive to users such as online banking details, usernames, and even passwords. According to researchers, the number of phishing attacks is becoming a serious threat, and in other cases, phishing reports indicate that it is not only the organizations that are becoming victims of the phishing attacks but the number of attacks is on the rise, and the level of sophistication is also advancing day in day out (Doupe & Warner, 2018). Of importance is that the phishing attacks have evolved in terms of the approaches that are followed in penetrating computer users and violating their privacy.
Objectives
This research aims at studying the level of sophistication in which phishing attacks has advanced. In this regard, it seeks to determine how modern methods of phishing attacks are different from the traditional ones. Secondly, this research aims to explain the different current methods of carrying out phishing attacks. Thirdly, this research study aims at determining how these sophisticated methods of carrying out phishing attacks can be controlled.
Literature Review
Different researchers and professionals have explored the issue of modern phishing attacks and presented their work in the form of journals and articles of research. One amongst the journals is “Defending against phishing attacks: Taxonomy of methods, current issues, and future directions,” authored by Kostas Psannis, and Nalin Asanka Gamagedara (2017). In their research, they noted that phishing statistics indicate that there is a rise in the number of successful attacks that are being carried out against industries and critical institutions. Psannis and Gamagedara (2017) present this statistical information in the form of a pie chart showing the various domains that exist and how each one of them has been affected. Based on a report presented in the form of a pie chart by the team, domains that are worst hit by the crime includ ...
A FRAMEWORK FOR SECURING EMAIL ENTRANCES AND MITIGATING PHISHING IMPERSONATIO...IJNSA Journal
Emails are used every day for communication, and many countries and organisations mostly use email for official communications. It is highly valued and recognised for confidential conversations and transactions in day-to-day business. The Often use of this channel and the quality of information it carries attracted cyber attackers to it. There are many existing techniques to mitigate attacks on email, however, the systems are more focused on email content and behaviour and not securing entrances to email boxes, composition, and settings. This work intends to protect users' email composition and settings to prevent attackers from using an account when it gets hacked or hijacked and stop them from setting forwarding on the victim's email account to a different account which automatically stops the user from receiving emails. A secure code is applied to the composition send button to curtail insider impersonation attack. Also, to secure open applications on public and private devices.
This document summarizes 12 sources on topics related to cybersecurity threats such as spam, phishing, ransomware, and malware detection techniques. The sources discuss using machine learning algorithms and heuristic approaches to detect spam accounts, phishing websites, and ransomware variants. Some propose new techniques like using Twitter data and mobile messages to detect spam or combining feature selection with metaheuristic algorithms to identify phishing sites. Others analyze hyperlinks or topic distributions to identify phishing attacks or classify anti-phishing solutions. The document also mentions the rise of ransomware attacks and techniques used in related studies.
A Systematic Literature Review on Phishing and Anti-Phishing Techniques.pdfKatie Naple
This document summarizes a literature review on phishing and anti-phishing techniques. It identifies various types of phishing techniques discussed in the literature, with spear phishing, email spoofing, email manipulation, and phone phishing being the most commonly discussed. It also identifies machine learning approaches as the most effective anti-phishing technique discussed, having the highest accuracy in detecting and preventing phishing attacks. The review was conducted following a systematic literature review process, analyzing 20 papers selected from an initial pool of 80 papers based on inclusion/exclusion criteria.
Running headEMERGING THREATS AND COUNTERMEASURES .docxrtodd599
Running head: EMERGING THREATS AND COUNTERMEASURES 1
LITERATURE REVIEW
Emerging threats and countermeasures in the U.S. critical infrastructure
Table of content
Background information 3
Research questions 3
Methodological approach 3
Data analysis and findings 3
Challenges in confronting threats 6
Conclusion and discussion 8
References…………………………………………………………………………………………9
Background information
In recent times, the province of security architecture has profoundly transposed by the escalation of threats targeting critical national infrastructure. The rise in such threats is directly related to the rapid integration of the infrastructures with emergent information technologies (IT). That said, it is easy to conclude that the destructive threats to the infrastructures are from cybercrime. Cybercrime manifests in several dimensions from worms, viruses to malware. It would be easy if such threats confronted quickly. However, the state of affairs is that it is not an easy endeavor at all, and hence protecting national infrastructure is even more challenging than it has ever been.Research questions
This essay answers the questions of the literature related to the emergent threats in the protection of critical national infrastructure. More also, it answers the question of the challenges involved in securing the infrastructures.Methodological approach
The study of data collection is conducted using a qualitative approach. Qualitative research is the scientific study of observations that seeks to describe, explore, explain, and diagnose phenomena by gathering non-numerical data.Data analysis and findings
It has not been easy protecting national infrastructure in the last two decades thanks to an increase in cybercrime. Public information systems are lucrative targets for hackers and other ill-motivated criminals. The state affairs have led to a conclusion that in a time in the current generation, the world is increasingly veering toward cyber warfare. The cost of cybersecurity threats is estimated to be over billions of dollars and still learning. Even with new measures, it appears the rate at which cybercriminals are expanding their technological dominion in the deep web is exceedingly strange.
Cybersecurity attacks take different dimensions. Perhaps one of the most devastating has been related to user inefficiency when handling systems. Most cybercriminal activities have shown an impeccable ability to surpass both the human and system shields that protect systems. In the dawn of the early 2000s, for example, the world was in a panic following an attack unleashed by two Philippine students. The attack, known as love bug exposed the value system behind the human-based security system. It is one of the weakness and which is solely flexible to easy manipulation. Following the love bug attack, the national intelligence system had to be switched off for several hours. The cutting-edge world has seen a multiplication in th.
Research Paper on Spreading Awareness About Phishing Attack Is Effective In R...IRJET Journal
This document summarizes a research paper on assessing whether spreading awareness about phishing attacks is effective in reducing attacks. Key points:
1. Phishing attacks are increasing and allow criminals to deceive users and steal important data. Spreading phishing awareness through training may help reduce attacks by empowering users to identify phishing emails and avoid risks.
2. Phishing awareness training can help organizations meet regulatory compliance requirements and make employees the first line of defense against cyberattacks.
3. Studies show that most data breaches are caused by phishing and losses from business email compromise attacks are increasing, demonstrating the need to minimize phishing attacks through awareness training.
4. A survey found that while most people
Security - intelligence - maturity-model-ciso-whitepaperCMR WORLD TECH
This document discusses the need for organizations to shift from a prevention-focused approach to cybersecurity to one focused on rapid detection and response. It notes that most organizations have mean times to detect threats of weeks or months, leaving critical systems vulnerable. The document introduces the concept of security intelligence and outlines a threat detection and response lifecycle that organizations should optimize to reduce their mean time to detect and respond to threats. This involves processes like discovering threats, qualifying them, investigating incidents, and mitigating risks.
A Survey On Cyber Crime Information SecurityMichele Thomas
This document provides an overview of cybercrime and information security. It discusses how cybercrime has increased with greater internet usage and defines cybercrime as illegal acts conducted through computers. The document then examines common forms of cybercrime like malware, spam, phishing, hacking, cyber stalking, and fraud. It explores the causes of cybercrime and how crimes are executed through methods like infecting devices with malware, sending spam emails, engaging in phishing scams, hacking via code, and cyber stalking victims online and offline. The goal of information security is also discussed as protecting computer data and systems from unauthorized access.
ryan harris a day ago 404 wordsWhile I feel that any of the .docxgemaherd
ryan harris | a day ago | 404 words
While I feel that any of the threats listed are dangerous, phishing might be the most dangerous because of the amount of people it affects. Phishing is described as sending an unsolicited email, message, or phone call under the guise of a legitimate source and lures the user into accepting malware or disclosing personal information. (Bayuk et al, 2012). The reason that these are so threatening is that an adversary can send out phishing emails in mass quantities with very little fear of reprisal. In 2014 it was estimated that over $15.4 billion dollars was stolen in total, due to identity theft. (Gredler, 2016). Every year Verizon releases the Data Breach Investigation Report (DBIR) that outlines the most common breaches, tactics used and common trends. In the 2017 DBIR it was determined that 66 percent of the attacks involved malware that was installed via malicious email attachments. (Verizon, 2017). 95 percent of phishing attacks that lead to a breach were then followed by software installation. This is a very real threat that affects a vast majority people world-wide, more than the other types of threats listed.
Another threat that isn’t listed, but is also very dangerous is Man-in-the-middle style attacks. MitM involves the attacker intercepting communications from the user before the recipient gets the information, and inversely impersonates the user. (Bayuk et al, 2012). This can be done with cellular or wireless technology, and the victim may not know that they are being monitored. This form of attack is a type of eavesdropping and can perpetuate identity theft. The attackers usually access an unsecured, weak, or open network and insert their tools. In 2015 almost 50 individuals were arrested for using MitM attacks to intercept payment requests that were made via Email. (Vaas, 2015). The suspects had used social engineering and phishing to install malware on company networks. After the malware was installed they were able listen in on transaction data and payment requests. In this case, a more malicious attack was instigated by simple phishing attempts.
...
This document provides an overview of cybercrime, including definitions, types, impacts, and challenges. It notes that while cybercrime poses significant threats, there are major evidence gaps regarding its nature, scale, and costs. It recommends improving measurement and the evidence base to better inform policy responses. A socio-ecological framework is proposed to understand cybercrime at individual, relationship, community, and societal levels to guide multi-tiered prevention efforts.
Running Head CYBERSECURITY1CYBERSECURITY 15.docxtodd271
Running Head: CYBERSECURITY 1
CYBERSECURITY 15
Cybersecurity in Financial Sector
Student Name
Tutor’s Name
Date
Table of Contents
Introduction 3
Background 3
Insiders Threats 5
Research Questions 6
Research Methodology 9
Data Analysis 10
Discussions 10
Conclusion 12
Reference 14
Introduction
Cyber threat has risen as a key danger to financial stability, following ongoing attacks on financial organizations. This research introduces a novel documentation of digital threats far and wide for financial organizations by breaking down the various sorts of cyber events and determining patterns by use of several datasets. As critical framework, financial establishments must execute the most elevated level of cybersecurity as the danger of a devastating cyberattack keeps on growing. Malignant actors, including disgruntled staff, state supported actors and conventional hackers, all have inspirations to attack the financial sector, and do so now and then. Be that as it may, the risk changes somewhat between financially stable organizations as well as new financial institutions. The challenging and multifaceted danger must be completely comprehended so as to appropriately address and dissect solutions to save the security of these foundations and the economy that they contribute to.Background
Financial institutions are a primary component, both to the US as well as the world in general. As basic foundation and guardians of cash, stuns felt in the business can resound, with outrageous results, into each element of American life, as outlined in the 2008 financial crisis. While banks, both momentously huge and modestly small, satisfy the desires to keep the variable worldwide economy generally steady, the risk of cyberattacks on such organizations keep on developing. Consistently, noxious actors, a classification that contains from state supported hackers to disappointed insiders, attack banks through specialized methods.
Some of the attacks are monetarily inspired; some are only interested to disturb and cause the tumult that happens when critical infrastructures are truly undermined. Information breach, a typical type of attack, leave a large number of clients' sensitive data available to anyone. This mixture of damaging variables has lead the money business to be the most elevated high-roller on cybersecurity much higher than the legislature (Rohmeyer & Bayuk, 2018). Albeit accessible literature has assessed the risk from numerous points of view, two key areas require a more top to bottom examination; the one of a kind circumstance looked by little and network banks, and the insider danger faced by organizations of any size. By comprehension and dismembering the danger faced by money related organizations, the expanded mindfulness makes it simpler to break down solution and look towards the eventual fate of the issue.
The dangers faced by financial organizations differ generally in source, methodology of attacks as .
Email phishing: Text classification using natural language processingCSITiaesprime
Phishing is networked theft in which the main motive of phishers is to steal any person’s private information, its financial details like account number, credit card details, login information, payment mode information by creating and developing a fake page or a fake web site, which look completely authentic and genuine. Nowadays email phishing has become a big threat to all, and is increasing day by day. Moreover, detection of phishing emails has been considered an important research issue as phishing emails have been increasing day by day. Various techniques have been introduced and applied to deal with such a big issue. The major objective of this research paper is giving a detailed description on the classification of phishing emails using the natural language processing concepts. Natural language processing (NLP) concepts have been applied for the classification of emails; along with that accuracy rate of various classifiers have been calculated. The paper is presented in four sections. An introduction about phishing its types, its history, statistics, life cycle, motivation for phishers and working of email phishing have been discussed in the first section. The second section covers various technologies of phishing- email phishing and also description of evaluation metrics. An overview of the various proposed solutions and work done by researchers in this field in form of literature review has been presented in the third section. The solution approach and the obtained results have been defined in the fourth section giving a detailed description about NLP concepts and working procedure.
SUPER-FINAL-PPT_SMISHING.pptx Stop the smishing: A pragmatic Analysis on Dece...ElmeBaje
This research proposal aims to analyze deceptive text messages ("smishing") and identify language patterns used. The study will determine which age and gender groups receive the most messages, how scammers persuade victims, and the most common types of fraud messages. Using speech act theory, the researchers will analyze 100 scam messages from Iligan City residents to identify recurring words, illocutionary acts, and the impact on receivers. Content analysis and interviews will be used to understand how scammers deceive people through language to obtain private information. The results could help prevent people from falling victim to fraudulent messages.
This white paper discusses cyber security predictions and trends for the next 18 months. It outlines 5 trends: 1) major mobile exploits due to increased mobility and devices, 2) open source vulnerabilities as adversaries target these, 3) supply chain attacks remaining critical as vendors are easier targets, 4) increased industry-specific attacks and malware, and 5) greater privacy legislation in response to public concerns about data collection. The paper recommends organizations assess their use of open source software, supply chain security policies, industry-specific defenses, and data privacy practices to address these evolving threats.
This document provides an overview of phishing techniques and methods. It defines phishing as impersonating legitimate websites to steal user credentials. The document describes the phishing life cycle, which includes planning attacks, collecting credentials through fake websites, and committing fraud. It also discusses common phishing techniques like mimicking legitimate websites and using pop-up windows to steal information. The goal of the document is to analyze phishing methods to help combat this growing security threat.
EXPLORING HISTORICAL AND EMERGING PHISHING TECHNIQUES AND MITIGATING THE ASSO...IJNSA Journal
Organizations invest heavily in technical controls for their Information Assurance (IA) infrastructure. These technical controls mitigate and reduce the risk of damage caused by outsider attacks. Most organizations rely on training to mitigate and reduce risk of non-technical attacks such as social engineering. Organizations lump IA training into small modules that personnel typically rush through because the training programs lack enough depth and creativity to keep a trainee engaged. The key to retaining knowledge is making the information memorable. This paper describes common and emerging attack vectors and how to lower and mitigate the associated risk.
Similar to An Indistinguishability Model for Evaluating Diverse Classes of Phishing Attacks and Quantifying Attack Efficacy (20)
हिंदी वर्णमाला पीपीटी, hindi alphabet PPT presentation, hindi varnamala PPT, Hindi Varnamala pdf, हिंदी स्वर, हिंदी व्यंजन, sikhiye hindi varnmala, dr. mulla adam ali, hindi language and literature, hindi alphabet with drawing, hindi alphabet pdf, hindi varnamala for childrens, hindi language, hindi varnamala practice for kids, https://www.drmullaadamali.com
Assessment and Planning in Educational technology.pptxKavitha Krishnan
In an education system, it is understood that assessment is only for the students, but on the other hand, the Assessment of teachers is also an important aspect of the education system that ensures teachers are providing high-quality instruction to students. The assessment process can be used to provide feedback and support for professional development, to inform decisions about teacher retention or promotion, or to evaluate teacher effectiveness for accountability purposes.
The simplified electron and muon model, Oscillating Spacetime: The Foundation...RitikBhardwaj56
Discover the Simplified Electron and Muon Model: A New Wave-Based Approach to Understanding Particles delves into a groundbreaking theory that presents electrons and muons as rotating soliton waves within oscillating spacetime. Geared towards students, researchers, and science buffs, this book breaks down complex ideas into simple explanations. It covers topics such as electron waves, temporal dynamics, and the implications of this model on particle physics. With clear illustrations and easy-to-follow explanations, readers will gain a new outlook on the universe's fundamental nature.
Thinking of getting a dog? Be aware that breeds like Pit Bulls, Rottweilers, and German Shepherds can be loyal and dangerous. Proper training and socialization are crucial to preventing aggressive behaviors. Ensure safety by understanding their needs and always supervising interactions. Stay safe, and enjoy your furry friends!
ISO/IEC 27001, ISO/IEC 42001, and GDPR: Best Practices for Implementation and...PECB
Denis is a dynamic and results-driven Chief Information Officer (CIO) with a distinguished career spanning information systems analysis and technical project management. With a proven track record of spearheading the design and delivery of cutting-edge Information Management solutions, he has consistently elevated business operations, streamlined reporting functions, and maximized process efficiency.
Certified as an ISO/IEC 27001: Information Security Management Systems (ISMS) Lead Implementer, Data Protection Officer, and Cyber Risks Analyst, Denis brings a heightened focus on data security, privacy, and cyber resilience to every endeavor.
His expertise extends across a diverse spectrum of reporting, database, and web development applications, underpinned by an exceptional grasp of data storage and virtualization technologies. His proficiency in application testing, database administration, and data cleansing ensures seamless execution of complex projects.
What sets Denis apart is his comprehensive understanding of Business and Systems Analysis technologies, honed through involvement in all phases of the Software Development Lifecycle (SDLC). From meticulous requirements gathering to precise analysis, innovative design, rigorous development, thorough testing, and successful implementation, he has consistently delivered exceptional results.
Throughout his career, he has taken on multifaceted roles, from leading technical project management teams to owning solutions that drive operational excellence. His conscientious and proactive approach is unwavering, whether he is working independently or collaboratively within a team. His ability to connect with colleagues on a personal level underscores his commitment to fostering a harmonious and productive workplace environment.
Date: May 29, 2024
Tags: Information Security, ISO/IEC 27001, ISO/IEC 42001, Artificial Intelligence, GDPR
-------------------------------------------------------------------------------
Find out more about ISO training and certification services
Training: ISO/IEC 27001 Information Security Management System - EN | PECB
ISO/IEC 42001 Artificial Intelligence Management System - EN | PECB
General Data Protection Regulation (GDPR) - Training Courses - EN | PECB
Webinars: https://pecb.com/webinars
Article: https://pecb.com/article
-------------------------------------------------------------------------------
For more information about PECB:
Website: https://pecb.com/
LinkedIn: https://www.linkedin.com/company/pecb/
Facebook: https://www.facebook.com/PECBInternational/
Slideshare: http://www.slideshare.net/PECBCERTIFICATION
How to Manage Your Lost Opportunities in Odoo 17 CRMCeline George
Odoo 17 CRM allows us to track why we lose sales opportunities with "Lost Reasons." This helps analyze our sales process and identify areas for improvement. Here's how to configure lost reasons in Odoo 17 CRM
বাংলাদেশের অর্থনৈতিক সমীক্ষা ২০২৪ [Bangladesh Economic Review 2024 Bangla.pdf] কম্পিউটার , ট্যাব ও স্মার্ট ফোন ভার্সন সহ সম্পূর্ণ বাংলা ই-বুক বা pdf বই " সুচিপত্র ...বুকমার্ক মেনু 🔖 ও হাইপার লিংক মেনু 📝👆 যুক্ত ..
আমাদের সবার জন্য খুব খুব গুরুত্বপূর্ণ একটি বই ..বিসিএস, ব্যাংক, ইউনিভার্সিটি ভর্তি ও যে কোন প্রতিযোগিতা মূলক পরীক্ষার জন্য এর খুব ইম্পরট্যান্ট একটি বিষয় ...তাছাড়া বাংলাদেশের সাম্প্রতিক যে কোন ডাটা বা তথ্য এই বইতে পাবেন ...
তাই একজন নাগরিক হিসাবে এই তথ্য গুলো আপনার জানা প্রয়োজন ...।
বিসিএস ও ব্যাংক এর লিখিত পরীক্ষা ...+এছাড়া মাধ্যমিক ও উচ্চমাধ্যমিকের স্টুডেন্টদের জন্য অনেক কাজে আসবে ...
Main Java[All of the Base Concepts}.docxadhitya5119
This is part 1 of my Java Learning Journey. This Contains Custom methods, classes, constructors, packages, multithreading , try- catch block, finally block and more.
This presentation was provided by Steph Pollock of The American Psychological Association’s Journals Program, and Damita Snow, of The American Society of Civil Engineers (ASCE), for the initial session of NISO's 2024 Training Series "DEIA in the Scholarly Landscape." Session One: 'Setting Expectations: a DEIA Primer,' was held June 6, 2024.
An Indistinguishability Model for Evaluating Diverse Classes of Phishing Attacks and Quantifying Attack Efficacy
1. Narasimha Shashidhar & Lei Chen
International Journal of Security (IJS), Volume (9) : Issue (2) : 2015 15
An Indistinguishability Model for Evaluating Diverse Classes of
Phishing Attacks and Quantifying Attack Efficacy
Narasimha Shashidhar karpoor@shsu.edu
Department of Computer Science
Sam Houston State University
Huntsville, TX 77384, USA
Lei Chen lchen@georgiasouthern.edu
Department of Information Technology
Georgia Southern University
Statesboro, GA 30458, USA
Abstract
Phishing is a growing threat to Internet users and causes billions of dollars in damage every year.
While there are a number of research articles that study the tactics, techniques and procedures
employed by phishers in the literature, in this paper, we present a theoretical yet practical model
to study this menacing threat in a formal manner. While it is common folklore knowledge that a
successful phishing attack entails creating messages that are indistinguishable from the natural,
expected messages by the intended victim, this concept has not been formalized. Our model
attempts to capture a phishing attack in terms of this indistinguishability between the natural and
phishing message probability distributions. We view the actions performed by a phisher as an
attempt to create messages that are indistinguishable to the victim from that of “normal”
messages. To the best of our knowledge, this is the first study that places phishing on a concrete
theoretical framework and offers a new perspective to analyze this threat. We propose metrics to
analyze the success probability of a phishing attack taking into account the input used by a
phisher and the work involved in creating deceptive email messages. Finally, we study and apply
our model to a new class of phishing attacks called collaborative spear phishing that is gaining
momentum. Recent examples include Operation Woolen-Goldfish in 2015, Rocket Kitten in 2014
and Epsilon email breach in 2011. We point out fundamental flaws in the current email-based
marketing business model which enables such targeted spear phishing collaborative attacks. In
this sense, our study is very timely and presents new and emerging trends in phishing.
Keywords: Phishing, Email Fraud, Data Hiding, Identity Linking, Social Engineering.
1. INTRODUCTION
Phishing is a sophisticated and rapidly growing social engineering threat aimed at gleaning
sensitive information such as user names, passwords and financial information from
unsuspecting victims. In this context, victims comprise not only of people, but also corporations
and even nation states and leads to billions of dollars in damage each year [1]. The attack
campaigns typically involve sending an innocuous looking message to victims in an attempt to
deliver malware, glean personally identifiable information or to further a shift in power control,
either political or economic [20]. Attacks are typically carried out via standard communication
channels such as email or instant messaging by masquerading as legitimate and trustworthy
entities. Being a social engineering attack, most studies of this threat have focused on
understanding the techniques used by phishers, devising clever strategies to thwart these attacks
and the human factors associated with phishing. As of 2015, phishing has become a major vector
for cyberattacks employed by several threat groups [14]. As an example, Rocket Kitten is a cyber-
threat group that actively undermines European and Israeli companies via phishing. In a recent
white-paper published by Trend Micro in March 2015 [14], the authors dissect the modus-
2. Narasimha Shashidhar & Lei Chen
International Journal of Security (IJS), Volume (9) : Issue (2) : 2015 16
operandi of these phishers and conclude that the methods used by these groups are extremely
sophisticated in comparison to those in the past. Furthermore, these cyber-attacks are
conjectured to be state-sponsored and the academic and industry groups are still exploring the
inner workings of these schemes. To address the sophistication and the devious nature of these
latest phishing attacks, in this paper, we deviate from the older empirical approach and propose a
theoretical yet practical model that captures the interstitial dynamics of this threat. A novel feature
of our security model is that it captures the inherent human factor and consequently complements
the existing empirical study of phishing.
Contributions: Our first contribution in this paper is the development of a theoretical framework
for phishing. Our model is also very practical and designed to study a large class of phishing
attacks including the non-traditional, but emerging threats such as the Android Market fake
banking apps [19]. It is well known that a successful phishing attack entails creating messages
that are indistinguishable from the natural, expected messages by the intended victim. Firstly, we
formalize this notion in the broadest sense possible to encompass a wide range of attacks. This is
important because the rate of growth of phishing attack sophistication does not lend itself to
traditional empirical analysis or study. Our model captures the dynamics of phishing in terms of
indistinguishability between the natural and phishing message distributions. From the perspective
of a phisher, one can view the creation of a phishing message as an attempt to embed a
deceptive message within an innocent looking email or instant message. To this end, we treat the
problem to be “spiritually” similar to the problem of Steganography. Our motivation stems from the
observation that while the goal in Steganography is to create an innocent looking message with a
hidden payload without arousing the suspicion of any eavesdropper, a phisher tries to create an
“innocent” looking message with a hidden (malicious) payload (such as the GHOLE Malware
used by the cyber-threat group Rocket Kitten [14]) without arousing suspicion even from the
recipient. We note that our work brings out an elegant, hidden connection between the disparate
fields of Steganography and Phishing and we hope that this connection will lead to new and
diverse perspectives on phishing detection research.
Secondly, we propose metrics to measure the success probability of a phishing detection
algorithm and consequently the success probability of a phishing attempt. We also define the
notion of overhead as the ratio of the amount of work done by a phisher to the payoff that s/he
receives upon concluding the phishing campaign. This notion of overhead will be useful when we
analyze the impact of the Epsilon email breach [16] and the associated payoff for the phishers.
Finally, we describe a new class of phishing attacks, called collaborative spear phishing, an
advanced class of spear phishing attacks that may stem from the latest threat posed by the
Epsilon email breach [16], Rocket Kitten [14], and Operation Woolen-Goldfish [14] in the recent
past. A server breach at the Internet marketing company Epsilon, a unit of Alliance Data Systems
Corporation, exposed the names and email addresses of millions of people [22] across different
organizations. This breach is being described as the worst of its kind by the media [15],
particularly since the breach apparently lasted for months despite warnings of targeted attacks
against email service providers. Rocket Kitten is a cyber-threat group (presumed to be state
sponsored), that launches targeted spear phishing attacks (Operation Woolen-Goldfish) against
Israeli and European companies. Their primary approach is to deliver a malware payload,
typically the GHOLE virus onto unsuspecting corporate employees’ machines, the latest event
occurring in February 2015 [14]. Once the payload has been delivered, and the victim’s machines
successfully compromised, additional payloads including keyloggers are injected into the infected
machine. In this paper, we also point out some of the fundamental flaws in the current email-
based marketing business model, which is a by-product of service industrialization. This is an
important discussion due to the spate of cyber-attacks and breaches against major businesses
such as Home Depot, Target etc. currently. Thus, our study is very timely and presents emerging
trends in phishing using new tools and analysis techniques to detect and instrument these events.
3. Narasimha Shashidhar & Lei Chen
International Journal of Security (IJS), Volume (9) : Issue (2) : 2015 17
2. PRIOR WORK
Phishing is primarily a social engineering attack and has attracted a lot of research interest in this
context. Most studies of phishing have focused on understanding the techniques used by
phishers, devising clever strategies to thwart these attacks and the human factors associated with
this threat.
Dhamija et al. [4] and Downs et al. [6] studied the factors affecting the success of different
malicious strategies used by phishers in an effort to build systems better capable of thwarting
phishing attempts. The impact of social networking websites on phishing was studied by Jagatic
et al. [10] who found that Internet users may be over four times as likely to become victims if they
are solicited by someone appearing to be a known acquaintance. A personality-bias based
analysis on the susceptibility of individuals to fall prey to phishing attacks was conducted by Ding
et al. [5] and demonstrated that a dictionary based semantic similarity approach to analyzing
personality models showed promising results. Some of the strategies devised to thwart phishing
attacks mentioned in the literature include: Dynamic Security Skins [3] that allows a remote web
server to prove its identity in a way that is easy for a human user to verify and hard for an attacker
to spoof; Visual Cryptography and Iris Detection based techniques [17, 12]; Natural language
techniques [21]; Detecting phishing emails and websites using machine learning techniques [8];
Web Wallet [24], a browser sidebar which users can use to submit their sensitive information
online; password management and website-login innovations [25] and Cantina, a novel, content-
based approach to detecting phishing web sites, based on information retrieval and text mining
algorithms [27]. Another line of research [26, 23] focuses on the evaluation of anti-phishing tools
and their effectiveness.
A graph-theoretic model to analyze the effort expended by a phisher to launch an attack was
studied by Jakobsson [11]. A phishing attack was modeled using a graph in which nodes
correspond to knowledge and edges captured traversal from one node to another. Edges were
associated with costs to reflect the effort of the phisher. This paper also defined a new attack
approach called the context aware phishing attack using a method called identity linking -
determining the correspondence between identities and email addresses of a victim.
Our model is designed to capture the dynamics of every facet of the phishing threat and not
isolated to measuring the effort expended by the phisher. Furthermore, we describe attacks such
as collaborative spear phishing that are far more complex than the context aware attack and thus
subsumes the earlier attack put forth by Jakobsson [11].
2.1 Notations and Definitions
For a probability distribution P with support X, we use the notation P[x] to denote the probability
that P assigns to ݔ ∈ ܺ. A random variable X is a function over a sample space Ω, X ∶ Ω → S, for
some set S and we say that the random variable X takes values in the set S. The probability
distribution on S described by the random variable X is denoted by ܲ.
2.2 Statistical Distance
We use statistical distance as the measure of distance between two random variables and the
probability distributions described by these random variables. The statistical distance is the
largest possible difference between the probabilities that two probability distributions can assign
to the same event. There are several other metrics one could use to measure the distance
between two distributions. However, statistical distance is the most widely used and well defined
metric as described in the literature. We would like to note that our model does not preclude use
of other metrics in this context. Shoup [18] presents a detailed treatment of statistical distance
and its properties.
Definition: Let X and Y be random variables which both take values in a finite set S with
probability distributions ܲ and ܲ. The statistical distance between X and Y is defined as
4. Narasimha Shashidhar & Lei Chen
International Journal of Security (IJ
So, two random variables (and the corresponding probability distributions)
߳-close to each-other if Δ|ܺ, ܻ| ൏
about the two distributions – natural
other, thereby capturing the notion of indistinguishability.
3. THE PHISHING MODEL
In this section, we describe our phishing model as depicted by Figure 1
our phishing indistinguishability model
the seminal steganography model presented by Cachin
communication channel to capture email, instant and other means of communication. For the
purpose of our discussion here, let us use the example of email communication. Let us consider
an individual’s email inbox. The phishing problem specifies two message distributions
corresponding to the two sources of messages that can find their way to that individual’s email
inbox: The Natural (N) and the Phishing (
are shown on the left as two black boxes. Typically, we are unaware of the exact probability
distributions associated with these input sources and will treat them as such in our description.
The individual’s inbox normally receives mess
0) corresponding to the phisher being inactive. The natural distribution is meant to capture the
distribution of messages that a person expects to see. When the phisher is active (switch is set to
1) s/he receives phishing messages. The algorithm used by the phisher operates on some input
stream to create the deceptive messages. The Distinguisher algorithm
to distinguish between the messages from these two distributions and ess
from being phished. Often, the receiver of the email plays the role of the distinguisher
Figure 1 depicts the distinguisher algorithm
receiver along with the softwar
collectively form the Distinguisher algorithm
algorithm D and the receiver is meant to signify this relationship between these entities. The
arrow out of the receiver pointing to output/action symbolizes the act of clicking on a link or acting
upon the instructions in the received message, whether natural or phishing.
3.1 Evaluating the Success of a Phishing
The success of a phishing attempt is measured by the intended victim’s ability to distinguish
between “natural” and “phishing” messages over the communication channel. To characterize
(IJS), Volume (9) : Issue (2) : 2015
ΔሾX, Yሿ ൌ
1
2
หܲሺ௦ሻ െ ܲሺ௦ሻห
௦∈ௌ
.
So, two random variables (and the corresponding probability distributions) X and Y
൏ ߳. This notion of ߳-closeness will be useful to us when we talk
natural messages and phishing messages – being close to each
capturing the notion of indistinguishability.
THE PHISHING MODEL
this section, we describe our phishing model as depicted by Figure 1. As noted earlier, we build
our phishing indistinguishability model on the Steganography security model. In particular, we use
the seminal steganography model presented by Cachin [2]. We use the notion of a
communication channel to capture email, instant and other means of communication. For the
purpose of our discussion here, let us use the example of email communication. Let us consider
individual’s email inbox. The phishing problem specifies two message distributions
corresponding to the two sources of messages that can find their way to that individual’s email
) and the Phishing (P) message distributions. The two source distributions
are shown on the left as two black boxes. Typically, we are unaware of the exact probability
distributions associated with these input sources and will treat them as such in our description.
The individual’s inbox normally receives messages from the Natural distribution (switch is set to
) corresponding to the phisher being inactive. The natural distribution is meant to capture the
distribution of messages that a person expects to see. When the phisher is active (switch is set to
e receives phishing messages. The algorithm used by the phisher operates on some input
stream to create the deceptive messages. The Distinguisher algorithm D is tasked with being able
to distinguish between the messages from these two distributions and essentially protect the user
from being phished. Often, the receiver of the email plays the role of the distinguisher
Figure 1 depicts the distinguisher algorithm D to be distinct from the receiver. In real life, the
receiver along with the software tools, browser toolbar extensions, and spam/phisher filters
collectively form the Distinguisher algorithm D. The bidirectional arrow between the Distinguisher
and the receiver is meant to signify this relationship between these entities. The
arrow out of the receiver pointing to output/action symbolizes the act of clicking on a link or acting
upon the instructions in the received message, whether natural or phishing.
FIGURE 1: The Phishing Model.
Evaluating the Success of a Phishing Attempt
The success of a phishing attempt is measured by the intended victim’s ability to distinguish
between “natural” and “phishing” messages over the communication channel. To characterize
18
Y are said to be
closeness will be useful to us when we talk
being close to each
. As noted earlier, we build
urity model. In particular, we use
. We use the notion of a
communication channel to capture email, instant and other means of communication. For the
purpose of our discussion here, let us use the example of email communication. Let us consider
individual’s email inbox. The phishing problem specifies two message distributions
corresponding to the two sources of messages that can find their way to that individual’s email
ource distributions
are shown on the left as two black boxes. Typically, we are unaware of the exact probability
distributions associated with these input sources and will treat them as such in our description.
ages from the Natural distribution (switch is set to
) corresponding to the phisher being inactive. The natural distribution is meant to capture the
distribution of messages that a person expects to see. When the phisher is active (switch is set to
e receives phishing messages. The algorithm used by the phisher operates on some input
is tasked with being able
entially protect the user
from being phished. Often, the receiver of the email plays the role of the distinguisher D although
to be distinct from the receiver. In real life, the
e tools, browser toolbar extensions, and spam/phisher filters
. The bidirectional arrow between the Distinguisher
and the receiver is meant to signify this relationship between these entities. The
arrow out of the receiver pointing to output/action symbolizes the act of clicking on a link or acting
The success of a phishing attempt is measured by the intended victim’s ability to distinguish
between “natural” and “phishing” messages over the communication channel. To characterize
5. Narasimha Shashidhar & Lei Chen
International Journal of Security (IJS), Volume (9) : Issue (2) : 2015 19
natural communication we need to define and formalize the communication channel. We follow
the standard terminology used in the literature to define communication channels [9]. We let
ܧ ൌ ݁ଵ, ݁ଶ, … , ݁௦ denote an alphabet and treat the communication channel as a family of random
variables ܫ ൌ {ܫ}∈ா∗. These channel distributions model a history-dependent notion of channel
data that captures the notion of real-life communication. As an example, if E were to represent
the set of the “email alphabet” and ℎ ∈ ܧ∗
, the history of emails received by a person thus far,
then ܫ represents the random variable that captures the probability distribution of the person’s
email inbox at that point in time. In our model, we have captured the history dependence of
communication and an individual’s expectance to “see” a message in his inbox.
In evaluating the success of a phishing attempt, we need to take into consideration the amount of
randomness present in a person’s email inbox. We use min-entropy as the measure of this
randomness. The min-entropy of a random variable X, taking values in a set V, is the quantity
ܪஶሺܺሻ ≜ ݉݅݊୴∈ ሺെ log Prሾܺ ൌ ݒሿሻ.
We say that a communication channel (such as an email inbox) has min-entropy ߜ if for all ℎ ∈ ܧ∗
,
ܪஶሺܫሻ > ߜ. We would like an individual’s inbox, for all histories, to have some non-zero
randomness, i.e, ߜ > 0. This randomness parameter is designed to capture the diversity of the
messages present in a person’s inbox. As an example, if someone were to receive only one
particular kind of email, then there is no randomness present in this communication scheme. The
study of phishing on such a communication channel is not as interesting since the success
probability of a phishing attempt in this situation is very small. Observe that the metric min-
entropy is designed to capture the worst-case entropy inherent in a distribution. Naturally, other
measures of entropy can also be applied to our model as well.
Let us now discuss the success probability of the Distinguisher algorithm D in being able to detect
a phishing message. Let us overload the notation and let P denote the phishing algorithm as well
as the distribution of the phishing messages produced by it. We now define the advantage of the
Distinguisher D over the phishing algorithm P as:
ݒ݀ܣ
ሺ݉ሻ ൌ ฬPrሾܦሺ݉ሻ ൌ ݏݏ݁ܿܿݑݏሿ െ
1
2
ฬ , ሺ1ሻ
where m is the message to be distinguished and D(m) = success is the event that the
Distinguisher D was successful in identifying a phishing message. Observe that any Distinguisher
algorithm has an advantage of ½ in being able to detect a phishing message by merely flipping a
fair coin. Hence, we need to look at the absolute value of the difference between the success
probability of D from ½.
An alternative definition for the advantage of the Distinguisher D over the phishing algorithm P is
obtained from the observation that the total variation distance between two probability measures
N and P is the largest possible difference between the probabilities that these two probability
distributions can assign to the same event, in particular to the event D(m) = success.
ݒ݀ܣ
ሺ݉ሻ ൌ
1
2
|ܰሺ݉ሻ െ ܲሺ݉ሻ|
∈ ெ
, ሺ2ሻ
where N and P are the natural and the phishing message distributions respectively and
represents the messages in the message set M (the user’s inbox). Our model captures phishing
in terms of this indistinguishability between the natural and phishing message distributions.
We can now define the capacity C of an individual to shield him/her from a phishing attack as:
ܥ ൌ max
{ݒ݀ܣ
ሺ݉ሻ} , ሺ3ሻ
6. Narasimha Shashidhar & Lei Chen
International Journal of Security (IJS), Volume (9) : Issue (2) : 2015 20
this maximum taken over all Distinguisher algorithms D available at the individual’s disposal. This
definition is meant to capture the different software tools such as browser toolbars, add-ons and
other installed tools using any techniques that one might use to defend against phishing.
We now derive the measure for evaluating the success probability SP of a phishing attempt P as:
ܵ ൌ 1 െ .ܥሺ4ሻ
We say that a user is ሺ߳, ߜሻ െ ݁ݎݑܿ݁ݏ from a phishing attack if for all his email-inboxes with min-
entropy ߜ, we have ܵ ൏ ߳. The overhead of a phisher is judged by the relation between the
amount of work done by a phisher and the corresponding payoff. We adopt the ratio o = w/p as a
measure for overhead. Obviously, if the payoff is high and the work done is low, then the
overhead is low. This measure is useful in comparing the damage caused by different phishing
attacks.
In this paragraph, we discuss the different parameters that contribute towards the work done by a
phisher. Drake et al., present an anatomy of a phishing email where they enumerate the different
tricks used by phishers in an attempt to create deceptive messages that are indistinguishable
from the original messages [7]. The most important (and expensive to acquire) of these
parameters are the personally identifiable information (PII) such as name, email address, the final
four digits of an account number, year of expiration etc. The other costs associated with work are
technical in nature, i.e., creating similar sounding domain names such as tax-revenue.com,
ebaybuyerprotection.com, creating emails that appear to come from legitimate “From:” email
address, designing the structure and content of the email, creating a plausible premise, using
JavaScript event handlers, redirection, etc. We define work to comprise essentially of two main
parts – work done in collecting personally identifiable information, PII and the technical work, i.e,
ݓ ൌ ݓூூ + ݓ௧.
4. COLLABORATIVE SPEAR PHISHING
In this section, we discuss an emerging, new class of phishing attacks, that we call collaborative
spear phishing. We wish to shed light on this new class of phishing attacks that may become
popular as a result of the latest server breach at the email marketing giant Epsilon [16] and other
breaches on major U.S. retailers. This attack is an advanced class of spear phishing that a
phisher may develop using collaborative filtering techniques described below. In April 2011, a
server breach at the Internet marketing company Epsilon, a unit of Alliance Data Systems
Corporation, exposed the names and email addresses of millions of people [16]. While a
complete list of all the companies affected by the breach is not yet known, roughly 50 companies
are said to be on that list, including Best Buy, Citibank, Disney, JPMorgan Chase, The Home
Shopping Network, Hilton, Marriott and the College Board. This breach is being described as the
worst of its kind by the media [15]. Such attacks have already started becoming prevalent as was
observed recently in the attack campaigns launched by Rocket Kitten in 2014 and 2015 [14].
Collaborative filtering is the process of filtering for information or patterns using techniques
involving collaboration among multiple data sources. Commonly used to infer purchase statistics
by implementing recommendation algorithms for item recommendation by Amazon and other
online retailers, this technique can now be used to launch highly advanced phishing attacks.
While any breach that leaks personally identifiable information is a blessing to phishers, this
particular breach at Epsilon is much more so. In the context of this breach, a phisher might now
try to infer potential accounts that an individual may have with organizations using information
that he already possesses. Furthermore, it gives a plausible premise that a phisher may use to
hide his tracks. Observe that the breach at Epsilon leaked much more information than just
personally identifiable information – It leaked the relationships that an individual has with different
organizations. The phisher is able to observe that a particular account is affiliated with a number
of organizations and hence is able to filter for more information than s/he could otherwise.
7. Narasimha Shashidhar & Lei Chen
International Journal of Security (IJS), Volume (9) : Issue (2) : 2015 21
As a quick example, we use a very simple Item-to-Item recommendation algorithm to illustrate
this attack. The table below captures Alice, Bob and Emily’s relationship with three organizations.
A Yes in the table below corresponds to the affirmative knowledge that a phisher has obtained
(Using the Epsilon database, Retailer breaches or otherwise) about an individual’s relationship
with that organization and No (no knowledge) corresponds to the lack of this knowledge.
Name Best Citibank JPMorgan
Buy Chase
Alice Yes No Yes
Bob No Yes Yes
Emily No Yes No
TABLE 1: Collaborative Phishing.
The cosine between Best Buy and Citibank is obtained by:
ሺ1, 0, 0ሻ ⋅ ሺ0, 1, 1ሻ
‖ሺ1, 0, 0ሻ‖‖ሺ0, 1, 1ሻ‖
ൌ 0 .
The cosine between Best Buy and JPMorgan Chase is obtained by:
ሺ1, 0, 0ሻ ⋅ ሺ1, 1, 0ሻ
‖ሺ1, 0, 0ሻ‖‖ሺ1, 1, 0ሻ‖
ൌ
1
√2
మ .
The cosine between Citibank and JPMorgan Chase is obtained by:
ሺ0, 1, 1ሻ ⋅ ሺ1, 1, 0ሻ
‖ሺ0, 1, 1ሻ‖‖ሺ1, 1, 0ሻ‖
ൌ
1
2
.
Hence, a phisher armed with the knowledge that a particular individual who has an account with
Best Buy can make an educated guess that h/she may possibly have an account with JPMorgan
Chase as well. This makes good sense because many Best Buy Credit accounts are indeed
handled by JPMorgan Chase. While we have used a very elementary algorithm for the sake of
exposition, a motivated phisher could use an elaborate collaborative filtering algorithm such as
Slope One [13] to improve the success of this attack. While the context-aware attack proposed by
Jakobsson [11] uses the concept of identity-linking to launch phishing attacks, our proposed
attack is not only context-aware but also is capable of extrapolating for information that the
phishers don’t yet have.
In this paragraph, we point out some of the fundamental flaws in the current email-based
marketing business model, which we believe is a by-product of service industrialization - treating
services as an industrial process. By placing the personally identifiable information of millions of
customers under the control of one organization, such as Epsilon, the overhead for the phisher is
dramatically reduced – The work is diminished and the payoff is maximized. Furthermore, the
phishers can now send targeted emails to their victims thereby making sure that these emails are
out of the hands of the phishing research community. They can also ensure guaranteed delivery
of their phishing emails by spoofing the correct “From” email addresses that most people have
saved in their address books. Gary Warner [22] has an elaborate discussion of such targeted
phishing attacks and we have already started seeing such sophisticated attacks [14].
8. Narasimha Shashidhar & Lei Chen
International Journal of Security (IJS), Volume (9) : Issue (2) : 2015 22
5. CONCLUSION
Our primary goal in this paper was to present a treatment of phishing in a formal theoretical
framework. Our model captures the dynamics of phishing in terms of indistinguishability between
the natural and phishing message distributions. We propose metrics to analyze the success
probability of a phishing attack which takes into account the input parameters used by a phisher
and the associated work involved to create deceptive email messages. Finally, we present a new
class of phishing attacks, called collaborative spear phishing which is an advanced class of spear
phishing that may stem from the latest threat posed by the Epsilon email breach and other retailer
breaches in the recent past. We also point out some of the fundamental flaws in the current
email-based marketing business model, which is a by-product of service industrialization. In this
sense, our study is very timely and presents new and emerging trends in phishing. We hope that
our model will help shed some more light on the threats posed by phishing.
6. REFERENCES
[1] Anti-Phishing Working Group. “Phishing activity trends report”. In APWG Global
Response to Cybercrime, http://docs.apwg.org/reports/apwg_trends_report_q1_2014.pdf,
March 2014. Retrieved 2 April, 2015.
[2] Christian Cachin. “An information-theoretic model for steganography”. In Information Hiding,
pages 306–318. Springer, 1998.
[3] Rachna Dhamija and J Doug Tygar. “The battle against phishing: Dynamic security skins”. In
Proceedings of the 2005 symposium on Usable privacy and security, pages 77–88. ACM,
2005.
[4] Rachna Dhamija, J Doug Tygar, and Marti Hearst. “Why phishing works”. In Proceedings of
the SIGCHI conference on Human Factors in computing systems, pages 581–590. ACM,
2006.
[5] Ke Ding, Nicholas Pantic, You Lu, Sukanya Manna, Mohammad Husain, et al. “Towards
building a word similarity dictionary for personality bias classification of phishing email
contents”. In Semantic Computing (ICSC), IEEE International Conference on, pages 252–
259. IEEE, 2015.
[6] Julie S Downs, Mandy B Holbrook, and Lorrie Faith Cranor. “Decision strategies and
susceptibility to phishing”. In Proceedings of the second symposium on Usable privacy and
security, pages 79–90. ACM, 2006.
[7] Christine E Drake, Jonathan J Oliver, and Eugene J Koontz. “Anatomy of a phishing email”.
In CEAS, 2004.
[8] Ian Fette, Norman Sadeh, and Anthony Tomasic. “Learning to detect phishing emails”. In
Proceedings of the 16th international conference on World Wide Web, pg 649–656. ACM,
2007.
[9] Nicholas Hopper, Luis von Ahn, and John Langford. “Provably secure steganography”. IEEE
Transactions on Computers, (5):662–676, 2008.
[10]Tom N Jagatic, Nathaniel A Johnson, Markus Jakobsson, and Filippo Menczer. “Social
phishing”. Communications of the ACM, 50(10):94–100, 2007.
[11] Markus Jakobsson. “Modeling and preventing phishing attacks”. In Financial Cryptography,
volume 5. Citeseer, 2005.
[12] Anjali Jose and S Vinoth Lakshmi. “Web security using visual cryptography against phishing”.
Middle-East Journal of Scientific Research, 20(12):2626–2632, 2014.
9. Narasimha Shashidhar & Lei Chen
International Journal of Security (IJS), Volume (9) : Issue (2) : 2015 23
[13] Daniel Lemire and Anna Maclachlan. “Slope one predictors for online rating-based
collaborative filtering”. In SDM, volume 5, pages 1–5. SIAM, 2005.
[14] Trend Micro. “Rocket kitten showing its claws: Operation woolen-goldfish and the ghole
campaign”. In Trend Micro Security Intelligence Reports, Retrieved 8 April, 2015.
http://www.trendmicro.com/vinfo/us/security/news/cyber-attacks/operation-woolen-goldfish-
when-kittens-go-phishing, March 2015.
[15] ABC News News/Technology. “Epsilon email breach: What you should know”. In Epsilon
email breach, Retrieved 12 Mar, 2014. http://abcnews.go.com/Technology/epsilon-email-
breach/story?id=13291589, 2011.
[16] Mathew J. Schwartz. “Epsilon fell to spear-phishing attack”. In Information Week, Retrieved
15 Mar, 2014. http://www.darkreading.com/attacks-and-breaches/epsilon-fell-to-spear-
phishing-attack/d/d-id/1097119?, 2011.
[17] Saranya Shaji et al. “Anti phishing approach using visual cryptography and iris recognition”.
IJRCCT, 3(3):088–092, 2014.
[18] Victor Shoup. A computational introduction to number theory and algebra. Cambridge
University Press, 2009.
[19] SlashDot. “Malicious app in android market”. In The epsilon phishing model, Retrieved Mar
12,2014. http://mobile.slashdot.org/-story/10/01/10/2036222/Malicious-App-In-Android-
Market.
[20] RSA Fraud Report Team. “Phishing kits - the same wolf, just a different sheep’s clothing”. In
RSA Monthly Online Fraud Report, EMC, pages Retrieved 8 April, 2015.
http://www.emc.com/collateral/fraud-report/rsa-online-fraud-report-012013.pdf, February
2013.
[21] Rakesh Verma, Narasimha Shashidhar, and Nabil Hossain. “Detecting phishing emails the
natural language way”. In Computer Security–ESORICS 2012, pages 824–841. Springer,
2012.
[22] Gary Warner. “Cybercrime and doing time. In The epsilon phishing model”, Retrieved 12 Mar,
2014. http://garwarner.blogspot.com/2011/04/epsilon-phishing-model.html, 2011.
[23] Min Wu, Robert C Miller, and Simson L Garfinkel. “Do security toolbars actually prevent
phishing attacks?” In Proceedings of the SIGCHI conference on Human Factors in computing
systems, pages 601–610. ACM, 2006.
[24] Min Wu, Robert C Miller, and Greg Little. “Web wallet: preventing phishing attacks by
revealing user intentions”. In Proceedings of the second symposium on Usable privacy and
security, pages 102–113. ACM, 2006.
[25] Ka-Ping Yee and Kragen Sitaker. “Passpet: convenient password management and phishing
protection”. In Proceedings of the second symposium on Usable privacy and security, pages
32–43. ACM, 2006.
[26] Yue Zhang, Serge Egelman, Lorrie Cranor, and Jason Hong. “Phinding phish: Evaluating
anti-phishing tools”. ISOC, 2006.
[27] Yue Zhang, Jason I Hong, and Lorrie F Cranor. “Cantina: a content-based approach to
detecting phishing web sites”. In Proceedings of the 16th international conference on World
Wide Web, pages 639–648. ACM, 2007.