Spelling suggestions: "subject:"spear phishing"" "subject:"apear phishing""
1 |
Something Looks Phishy Here: Applications of Signal Detection Theory to Cyber-Security Behaviors in the WorkplaceMartin, Jaclyn 15 March 2017 (has links)
Cyber-security is an ever-increasing problem in the 21st century. Though the majority of cyber-security breaches are a direct result of human error (Hu, Dinev, Hart, & Cooke, 2012), there is a dearth of research in psychology on the application of human decision-making for cyber-security compliance. Through an online inbox simulation, the present research examined the utility of a robust psychological model for decision-making, signal detection theory (SDT) for modeling decision-making in the context of receiving and responding to phishing and spear-phishing email scams. The influence of individual differences, specifically conscientiousness, on phishing email detection was also examined. The results indicate that SDT is useful for modeling and measuring cyber-compliance behavior in terms of responding to phishing emails. This finding supports the feasibility of using SDT to monitor training effectiveness for individuals’ resistance to social engineering in phishing email detection. There were no significant relationships between participants’ scores on conscientiousness and their phishing and spear-phishing email detection ability. Future research should explore predictors of cyber-compliance with regards to individuals’ phishing and spear-phishing susceptibility.
|
2 |
Investigating cybersecurity response strategies : Measures to responding to successful spear phishing attacksAlaaraj, Aiham, Yassin, Ali January 2024 (has links)
Spear phishing attacks pose an ongoing threat to organizational cybersecurity, requiring effective response measures. This study examines measures that can be implemented by Swedish organizations to respond to successful spear phishing attacks, focusing on technical solutions and cybersecurity frameworks. Through 14 semi-structured interviews with incident response teams and cybersecurity professionals, insights were gathered on the effectiveness of these measures as well as the challenges that may be faced in complying with them. The results indicate the presence of two primary response measures: technical solutions used during and after the successful attack. In addition, cybersecurity frameworks play a critical role in guiding organizations in countering successful spear phishing attacks. While the results provide valuable insight, their effectiveness varies depending on the challenges the organization may face in complying with measures. This study underscores the importance of comprehensive and effective measures to respond to successful spear phishing attacks and improve organizational resilience to evolving cyber threats.
|
3 |
Comparing the relative efficacy of phishing emails / Jämförelse av phishing emails relativa effektivitetLingaas Türk, Jakob January 2020 (has links)
This study aimed to examine if there was a difference in how likely a victim is to click on a phishing email’s links based on the content of the email, the tone and language used and the structure of the code. This likelihood also includes the email’s ability to bypass spam filters. Method: The method used to examine this was a simulated phishing attack. Six different phishing templates were created and sent out via the Gophish framework to target groups of students (from Halmstad University), from a randomized pool of 20.000 users. The phishing emails contained a link to a landing page (hosted via a virtual machine) which tracked user status. The templates were: Covid19 Pre-Attempt, Spotify Friendly CSS, Spotify Friendly Button, Spotify Aggressive CSS, Spotify Aggressive Button, Student Union. Results: Covid19 Pre-Attempt: 72.6% initial spam filter evasion, 45.8% spam filter evasion, 4% emails opened and 100% links clicked. Spotify Friendly CSS: 50% initial spam filter evasion, 38% spam filter evasion, 26.3% emails opened and 0% links clicked. Spotify Friendly Button: 59% initial spam filter evasion, 28.8% spam filter evasion, 5.8% emails opened and 0 %links clicked. Spotify Aggressive CSS: 50% initial spam filter evasion, 38% spam filter evasion, 10.5% emails opened, and 100% links clicked. Spotify Aggressive Button: 16% initial spam filter evasion, 25% spam filter evasion, 0% emails opened and 0% emails clicked. Student Union: 40% initial spam filter evasion, 75% spam filter evasion, 33.3% emails opened and 100% links clicked. Conclusion: Differently structured emails have different capabilities for bypassing spam filters and for deceiving users. Language and tone appears to affect phishing email efficacy; the results suggest that an aggressive and authoritative tone heightens a phishing email’s ability to deceive users, but seems to not affect its ability to bypass spam filters to a similar degree. Authenticity appears to affect email efficacy; the results showed a difference in deception efficacy if an email was structured like that of a genuine sender. Appealing to emotions such as stress and fear appears to increase the phishing email’s efficacy in deceiving a user. / Syftet med denna studie var att undersöka om det fanns en skillnad i hur troligt det är att ett offer klickar på länkarna till ett phishing-e-postmeddelande, baserat på innehållet i e-postmeddelandet, tonen och språket som används och kodens struktur. Denna sannolikhet inkluderar även e-postens förmåga att kringgå skräppostfilter. Metod: Metoden som användes var en simulerad phishing-attack. Sex olika phishing-mallar skapades och skickades ut via Gophish-ramverket till målgruppen bestående av studenter (från Halmstads universitet), från en slumpmässig pool med 20 000 användare. Phishing-e-postmeddelandena innehöll en länk till en målsida (hostad via en virtuell maskin) som spårade användarstatus. Mallarna var: Covid19 Pre-Attempt, Spotify Friendly CSS, Spotify Friendly Button, Spotify Aggressive CSS, Spotify Aggressive Button, Student Union. Resultat: Covid19 förförsök: 72,6% kringgick det primära spamfiltret, 45,8% kringgick det sekundära spamfiltret, 4% e-postmeddelanden öppnade och 100% länkar klickade Spotify Friendly CSS: 50% kringgick det primära spamfiltret, 38% kringgick det sekundära spamfiltret, 26,3% e-postmeddelanden öppnade och 0% länkar klickade. Spotify Friendly Button: 59% kringgick det primära spamfiltret, 28,8% kringgick det sekundära spamfiltret, 5.8% e-postmeddelanden öppnade och 0% länkar klickade. Spotify Aggressive CSS: 50% kringgick det primära spamfiltret, 38% kringgick det sekundära spamfiltret, 10,5% e-post öppnade och 100% länkar klickade. Spotify Aggressive Button: 16% kringgick det primära spamfiltret, 25% kringgick det sekundära spamfiltret, 0% e-postmeddelanden öppnade och 0% e-postmeddelanden klickade. Studentkåren: 40% kringgick det primära spamfiltret, 75% kringgick det sekundära spamfiltret, 33,3% e-postmeddelanden öppnade och 100% länkar klickade. Slutsats: Olika strukturerade e-postmeddelanden har olika funktioner för att kringgå skräppostfilter och för att lura användare. Språk och ton tycks påverka effektiviteten för epost-phishing. Resultaten tyder på att en aggressiv och auktoritär ton ökar phishing-epostmeddelandets förmåga att lura användare, men verkar inte påverka dess förmåga att kringgå skräppostfilter i motsvarande grad. Autenticitet verkar påverka e-postens effektivitet, då resultaten visade en skillnad i effektivitet om ett e-postmeddelande var strukturerat som en äkta avsändare. Att adressera känslor som stress och rädsla verkar öka phishing-e-postens effektivitet när det gäller att lura en användare.
|
4 |
Det står att jag har ett paket att hämta ut, men jag har ju inte beställt någonting? - En kvalitativ intervjustudie om hur internetanvändare upptäcker och hanterar bedrägeriförsök på internetSonnesjö, Amanda, Blomstedt, Olle January 2023 (has links)
Dagens samhälle har blivit alltmer digitaliserat och en följd av detta är att de digitala bedrägerierna har ökat. Digitala bedrägerier kan ta olika former, men i denna studie begränsades de till phishing och dess underkategorier: spear phishing, vishing och smishing. Dessa är varianter på digitala bedrägerier där syftet är att lura användaren att lämna ut känslig information digitalt. Problemet som denna studie behandlade var att det fanns en kunskapsbrist hos människor gällande digitala bedrägerier, eftersom många fortfarande blev lurade. Syftet med studien blev därmed att bidra med ökad kunskap om hur digitala bedrägerier kan upptäckas av de som blivit utsatta och vad man som individ bör vara uppmärksam på. I studien löd därför forskningsfrågan: På vilka sätt försöker individer hantera de digitala hot som finns på internet? Samt med dess följande underfrågor: Vad gör individer för att identifiera digitala bedrägerier? Hur bedömer individer trovärdigheten i digitala interaktioner? För att besvara forskningsfrågan användes forskningsstrategin kartläggning. Kartläggningen genomfördes i form av semistrukturerade intervjuer och data samlades in om hur deltagarna försökte identifiera digitala bedrägerier. Datan analyserades med hjälp av tematisk analys. Studiens resultat visade att trots begränsad formell utbildning inom ämnet, verkade de flesta ha utvecklat liknande strategier för att upptäcka digitala bedrägerier. Många var dock osäkra om vilket skydd de hade mot dessa hot. Resultatet pekade på ett behov av mer information om digitala bedrägerier, särskilt för äldre. Studiens slutsatser framhåller behovet av att åtgärda den identifierade kunskapsluckan och understryker vikten av att individer är vaksamma och kritiska när det kommer till digitala interaktioner. Framtida åtgärder bör inriktas på att höja medvetenheten om digitala bedrägerier, utbilda individer om säkra metoder för digitala interaktioner och särskilt stödja dem som kan vara mer utsatta för dessa hot. Slutligen betonar studien vikten av att företag, myndigheter och organisationer tar ansvar för att hålla sig uppdaterade och ge information om potentiella digitala bedrägerier. Studien tillhör området informationssäkerhet inom data- och systemvetenskap. / Today's society has become increasingly digitized, and as a result, digital fraud has increased. Digital fraud can take various forms, but in this study, it was limited to phishing and its subcategories: spear phishing, vishing, and smishing. These are variations of digital fraud where the purpose is to deceive users into disclosing sensitive information digitally. The problem addressed in this study was the lack of knowledge among people regarding digital fraud, as many were still being deceived. The purpose of the study was therefore to contribute to increased awareness of how digital fraud can be detected by those who have been targeted and what individuals should be mindful of. Thus, the research question of the study was: In what ways do individuals attempt to manage the digital threats present on the internet? With the following sub-questions: What do individuals do to identify digital scams? How do individuals assess the credibility of digital interactions? To answer the research question, we used the research strategy survey. The survey was conducted in the form of semi-structured interviews, and data was collected on how the selected participants try to identify digital fraud and the collected material was analyzed using thematic analysis. The data was analyzed using thematic analysis. The study's findings indicated that despite limited formal education on the subject, most participants seemed to have developed similar strategies to detect digital fraud. However, many were unsure about the level of protection they had against these threats. The results highlighted the need for more information about digital fraud, especially for older individuals. The study's conclusions emphasize the necessity of addressing the identified knowledge gap and underscore the importance of individuals being vigilant and critical in their digital interactions. Future actions should focus on raising awareness about digital fraud, educating individuals on secure methods of digital interactions, and providing support to those who may be more vulnerable to these threats. Lastly, the study emphasizes the significance of companies, authorities, and organizations taking responsibility for staying updated and providing information about potential digital fraud. The study falls within the field of information security in data and systems science.
|
5 |
Hur träning om phishing ändrar synen på ett säkert mail : En kvalitativ studie om hur mentala modeller av ett säkert mail förändras av träning om phishing / How training in phishing changes the perception of a secure emailAndersson, Niklas January 2021 (has links)
Denna studie undersökte hur den mentala modellen av ett säkert mail ser ut hos en användare som inte har tidigare träning inom informationssäkerhet. Deltagarna testades först en gång och fick sedan ta del av träningsmaterial om phishing, och blev sen testade igen för att se hur den mentala modellen förändrades. Detta uppnåddes med semistrukturerade intervjuer. Deltagarna blev tilldelade en roll att spela och visades sedan mail och blev ombedda att säga hur de, i sin roll, skulle hantera mailet. Intervjun var sedan strukturerad kring deras svar. Intervjuerna transkriberades ordagrant och analyserades med en innehållsanalys. Resultatet visade att före träning så bestod den mentala modellen av temana mailadress, bekantskap, utseende, relevans, länkar och språk. Efter träningen bestod den mentala modellen av temana mailadress, bekantskap, utseende, relevans, länkar, språk, filformat, begärd information och kontrollerbarhet.
|
6 |
An educational experiment in discovering spear phishing attacks / Ett utbildningsexperiment för att upptäcka spear phishing attackerFloderus, Sebastian, Rosenholm, Linus January 2019 (has links)
Background: Spear phishing attacks uses social engineering targeting a specific person to steal credential information or infect the users computer with malware. It is often done through emails and it can be very hard to spot the difference between a legitimate email and a scam email. Cybercrime is a growing problem and there is many ways to inform and educate individuals on the subject.Objectives: This study intends to perform an experiment to see if an educationalsupport tool can be used to better identify phishing emails. Furthermore see if there is a difference in susceptibility between students from different university programs. Methods: A qualitative research study was used to get the necessary understanding how to properly develop a phishing educational tool. A Pretest-Posttest experiment is done to see if there is an improvement in result between an experimental group that received education and the control group that did not. Results: The result shows an overall higher score for the technical program compared to the non-technical. Comparing the pretest with the posttest shows an increase in score for the non-technical program and a decrease in score for the technical program. Furthermore 58% of the non-technical students who started the test did not complete it. Conclusions: There is a noticeable difference in susceptibility between the programs for detecting scam emails for students. However further research is needed in order to explore to what extent the education process had an impact.
|
7 |
Vad gör att människor faller för Spear-Phishing? / Why do people fall for Spear-Phishing?Danesten, Jacob January 2016 (has links)
Det är inte många som känner till begreppet spear-phishing. Spear-phishing är ett sätt att attackera en person via mejl. De som utför den här typen av attacker använder sig av sociala aspekter för att lura dig. De kan säga att det är från ett företag som du som person har kontakt med. Det kan t.ex. vara från en bank eller skatteverket. Studien har som syfte att försöka förstå varför människor faller för de här attackerna och hur de kan hindra att sprida andra attacker. De virus som den här typen av attack sprider kan vara t.ex. trojaner och ransomware.
|
8 |
Characterizing and Detecting Online Deception via Data-Driven MethodsHu, Hang 27 May 2020 (has links)
In recent years, online deception has become a major threat to information security. Online deception that caused significant consequences is usually spear phishing. Spear-phishing emails come in a very small volume, target a small number of audiences, sometimes impersonate a trusted entity and use very specific content to redirect targets to a phishing website, where the attacker tricks targets sharing their credentials.
In this thesis, we aim at measuring the entire process. Starting from phishing emails, we examine anti-spoofing protocols, analyze email services' policies and warnings towards spoofing emails, and measure the email tracking ecosystem. With phishing websites, we implement a powerful tool to detect domain name impersonation and detect phishing pages using dynamic and static analysis. We also analyze credential sharing on phishing websites, and measure what happens after victims share their credentials. Finally, we discuss potential phishing and privacy concerns on new platforms such as Alexa and Google Assistant.
In the first part of this thesis (Chapter 3), we focus on measuring how email providers detect and handle forged emails. We also try to understand how forged emails can reach user inboxes by deliberately composing emails. Finally, we check how email providers warn users about forged emails. In the second part (Chapter 4), we measure the adoption of anti-spoofing protocols and seek to understand the reasons behind the low adoption rates. In the third part of this thesis (Chapter 5), we observe that a lot of phishing emails use email tracking techniques to track targets. We collect a large dataset of email messages using disposable email services and measure the landscape of email tracking. In the fourth part of this thesis (Chapter 6), we move on to phishing websites. We implement a powerful tool to detect squatting domains and train a machine learning model to classify phishing websites. In the fifth part (Chapter 7), we focus on the credential leaks. More specifically, we measure what happens after the targets' credentials are leaked. We monitor and measure the potential post-phishing exploiting activities. Finally, with new voice platforms such as Alexa becoming more and more popular, we wonder if new phishing and privacy concerns emerge with new platforms. In this part (Chapter 8), we systematically assess the attack surfaces by measuring sensitive applications on voice assistant systems.
My thesis measures important parts of the complete process of online deception. With deeper understandings of phishing attacks, more complete and effective defense mechanisms can be developed to mitigate attacks in various dimensions. / Doctor of Philosophy / In recent years, online deception becomes a major threat to information security. The most common form of online deception starts with a phishing email, then redirects targets to a phishing website where the attacker tricks targets sharing their credentials. General phishing emails are relatively easy to recognize from both the target's and the defender's perspective. They are usually from strange addresses, the content is usually very general and they come in a large volume. However, Online deception that caused significant consequences is usually spear phishing. Spear-phishing emails come in a very small volume, target a small number of audiences, sometimes impersonate a trusted entity and use very specific content to redirect targets to a phishing website, where the attacker tricks targets sharing their credentials. Sometimes, attackers use domain impersonation techniques to make the phishing website even more convincing.
In this thesis, we measure the entire process. Starting from phishing emails, we examine anti-spoofing protocols, analyze email services' policies and warnings towards spoofing emails, and measure the email tracking ecosystem. With phishing websites, we implement a tool to detect domain name impersonation and detect phishing pages using dynamic and static analysis. We also studied credential sharing on phishing websites. We measure what happens after targets share their credentials. Finally, we analyze potential phishing and privacy concerns on new platforms such as Alexa and Google Assistant.
|
9 |
EXPLORING PHISHING SUSCEPTIBILITY ATTRIBUTABLE TO AUTHORITY, URGENCY, RISK PERCEPTION AND HUMAN FACTORSPriyanka Tiwari (9187496) 30 July 2020 (has links)
<p>Security breaches nowadays are not limited to technological
orientation. Research in the information security domain is gradually shifting
towards human behavioral orientation toward breaches that target weaknesses
arising from human behaviors (Workman et al., 2007). Currently, social
engineering breaches are more effective than many technical attacks. In fact, the
majority of cyber assaults have a social engineering component. Social
Engineering is the art of manipulating human flaws towards a malicious
objective (Breda et al., 2017). In the likely future, social engineering will
be the most predominant attack vector within cyber security (Breda et al.,
2017). Human failures, persuasion and social influences are key elements to
understand when considering security behaviors. With the increasing concerns
for social engineering and advancements in human factors-based technology,
phishing emails are becoming more prevalent in exploiting human factors and
external factors. Such factors have been researched upon in pairs, not overall.
Till date, there is not much research done to identify the collaborative links
between authority, urgency, risk perception and human factors such as
personality traits, and knowledge. This study investigates about phishing email
characters, external influences, human factors influences, and their collaborative
effects. </p>
|
10 |
What are Users Willing to Comply With to Avoid Phishing? : An Interview-based Case StudyBårman, Jennifer January 2023 (has links)
Phishing (nätfiske) fortsätter att vara ett av de vanligaste hoten för användare på Internet. På grund av detta så har mycket forskning gjorts på säkerhetsåtgärder för att identifiera och stoppa nätfiske. Mycket av detta arbete går till maskininlärning, medans ett välkänt behov av utbildning av användarsäkerhet på Internet finns. Användare är den största sårbarheten inom IT, och de borde därför bli utbildade och uppmuntrade att agera säkert på Internet. Denna studie fokuserade på ett mellanstort företag som jobbar med IT i Sverige, på dess användares förmåga och vilja att hantera sin epost säkert för att undvika att gå på nätfiske. Detta har studerats genom intervjuer med anställda på företaget. För möjlighet för transparens och replikering av studiens resultat så startades intervjuerna med att etablera respondenternas bakgrund och erfarenhet med nätfiske. Detta följdes av en demonstration av de vanligaste tecknen på nätfiske som hölls för varje intervjuade individ, för att försäkra att de hade kunskap om dem. Demonstrationen följdes sedan av ytterligare frågor som uppmuntrade deltagarna att först reflektera på ämnet, och sedan möjligheter för dem att utöka sin kunskap.Det som kom fram under intervjuerna var att användarna på företaget alla hade erfarenhet av nätfiske och visste i teorin hur man identifierar nätfiske. Detta trots att majoriteten av medverkande inte hade någon officiell utbildning inom ämnet. Alla användare som medverkade var villiga att göra det som förväntas av dem ifrån företaget. Alla respondenter i denna studie var villiga att göra det de kan för att undvika nätfiske, och några var villiga att gå längre än så på deras arbetsplats genom att utöka deras kompetens. Ingen medverkande i studien uttryckte ovilja att utbilda sig själv ytterligare i ämnet. Två av de åtta respondenterna tog emellertid upp ett starkt argument, att tiden för kontrollen av eposten inte borde överskrida användbarheten av processen. Sammanfattningsvis så har vissa användare behov av incentiv för att förbättra sin säkerhet, någon form av förklaring för varför vissa åtgärder behövs. Om sådant rättfärdigande kunde göras så fanns inga klagomål eller motvilja till att agera mer säkert. / Phishing continues to be one of the most common threats for users of the Internet. As such, a lot of research is made into security measures to identify and stop phishing. A lot of this work goes into machine learning, while it is known that user education on Internet security is needed. Users are the biggest vulnerability within IT, and should therefore be educated and encouraged to act securely on the Internet. This study's focus is on a medium-sized company working with IT in Sweden, on their users’ ability and willingness to handle their emails securely to avoid falling for phishing scams.This was studied through interviews with employees of the company. For the sake of transparency and replication, the interviews were started by establishing the respondents’ background and experiences with phishing. Following this a demonstration of some of the most common tells of phishing was held for each interviewee, to ensure that they know about them. The demonstration was then followed by further questions encouraging the interviewees to reflect upon first the subject, then possible opportunities for them to further their knowledge.What was found is that the users of the company all had experience with phishing and were knowledgeable in theory about how to identify phishing. This is despite the majority of the participants having no official education on the subject. It was found that all users who participated were willing to do what they are expected to do from the company. All respondents in this study were willing to do what they could to avoid phishing, and some were willing to go beyond that at their workplace by expanding their skills. No participant in the study expressed unwillingness to educate themselves further on the subject. However, an important opinion raised by two of the eight respondents was the aspect of time consumed to control all emails should not overshadow the usefulness of the practice. It was concluded that some users needed incentives to improve their security, justifications of why certain measures were needed. If such justifications could be made, there were no complaints or reluctance to act more securely.
|
Page generated in 0.0758 seconds