Achieving a consensual definition of phishing based on a systematic review of the literature

Lastdrager, Elmer

doi:10.1186/s40163-014-0009-y

Cited by 84 publications

(50 citation statements)

References 32 publications

(34 reference statements)

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…In order to make the study as close as possible to a real phishing scenario, we implemented a fullscreen page API. 1 Moreover, by hovering their cursor over specific areas of the images, participants were able to identify useful information about the web page including security certificate information, button links, and basic source code. This was setup to mirror real web pages and to allow participants to move their mouse in the areas they were actually inspecting.…”

Section: Overviewmentioning

confidence: 99%

Baiting the hook: factors impacting susceptibility to phishing attacks

Iuga

Nurse

Erola

2016

Hum. Cent. Comput. Inf. Sci.

View full text Add to dashboard Cite

Over the last decade, substantial progress has been made in understanding and mitigating phishing attacks. Nonetheless, the percentage of successful attacks is still on the rise. In this article, we critically investigate why that is the case, and seek to contribute to the field by highlighting key factors that influence individuals’ susceptibility to phishing attacks. For our investigation, we conducted a web-based study with 382 participants which focused specifically on identifying factors that help or hinder Internet users in distinguishing phishing pages from legitimate pages. We considered relationships between demographic characteristics of individuals and their ability to correctly detect a phishing attack, as well as time-related factors. Moreover, participants’ cursor movement data was gathered and used to provide additional insight. In summary, our results suggest that: gender and the years of PC usage have a statistically significant impact on the detection rate of phishing; pop-up based attacks have a higher rate of success than the other tested strategies; and, the psychological anchoring effect can be observed in phishing as well. Given that only 25 % of our participants attained a detection score of over 75 %, we conclude that many people are still at a high risk of falling victim to phishing attacks but, that a careful combination of automated tools, training and more effective awareness campaigns, could significantly help towards preventing such attacks.

show abstract

Section: Overviewmentioning

confidence: 99%

Baiting the hook: factors impacting susceptibility to phishing attacks

Iuga

Nurse

Erola

2016

Hum. Cent. Comput. Inf. Sci.

View full text Add to dashboard Cite

show abstract

“…There is no universal definition for phishing and so far there have been many definitions for phishing attacks. For instance, Figure (2) represents the number of definitions for phishing attacks in respected papers [12]. As can be seen from the figure, in 2012 about 23 different definitions for phishing were presented.…”

Section: A Definitions Of Phishingmentioning

confidence: 99%

“…Phishing is an internet attack using social engineering where the intruder tries to use different online or other techniques such as chat, SMS, and email to encourage users to enter certain websites to do a certain act [12].…”

Section: A Definitions Of Phishingmentioning

confidence: 99%

Detecting Internet Phishing Attacks Using Data Mining Methods

2016

3rd International Conference on Innovative Engineering Technologies (ICIET'2016) August 5-6, 2016 Bangkok (Thailand)

View full text Add to dashboard Cite

Abstract-Nowadays, the high rate of internet usage among cell phone users has caused many commercial and financial services to be provided through the internet. Despite the fact that internet has provided a functional platform for financial transactions of the users, it can also become challenging and dangerous. Information theft or phishing is a security challenge which is usually carried out by sending spoofed emails and spams. In this type of attacks, attackers usually try to earn the trust of the users by sending deceptive emails in order to direct them towards certain websites which contain spoofed pages for capturing user information. Phishing attacks based on spams are one of the most significant barriers for expanding online financial activities which can cause great losses for financial and credit institutions annually. Assessing the behavior of hackers in sending spam emails and carrying out phishing attacks shows that these attacks follow a particular pattern which is not discernable at the first glance. Discovering the hidden patterns of phishing attacks can be effective in developing software systems for protecting against this type of attacks. Data mining possesses a number of methods for extracting useful information from different unorganized data. This study tries to use a set of data mining tools for analyzing the data from these attacks in order to identify and detect the useful patterns of these attacks. The overall results show that compared to other methods, neural network is more accurate and more sensitive in detecting such attacks.

show abstract

“…Exploitation begins and extends when the user begins to share passwords and usernames via the social network. The fourth phase, execution, is the stage at which the attacker accomplishes the ultimate goal by executing the attack and exiting the relationship in such a way that the target does not realize [8]. The fact that there is a cycle does not mean all the attacks are similar; each is unique and may involve one or multiple phases.…”

Section: Social Engineering and Phishingmentioning

confidence: 99%

Current Computer Network Security Issues/Threats

Yassir¹,

Ismaeel²

2016

IJCA

View full text Add to dashboard Cite

Computer network security has been a subject of concern for a long period. Many efforts have been made to address the existing and emerging threats such as viruses and Trojan among others without any significant success. Worse, new issues and threats have been emerging given that technology changes and becomes obsolete in a short while. In this regard, this research delves into the current network security issues in order to give future directions of research in a bid to help security technologists know where to focus their resources. This research examines the threats in terms of whether they are hardware or software issues. The need of this research is well articulated with the current security threats and countermeasures clearly outlined. The research found the following as the current major security threats: social engineering and phishing, malware infiltration through external hardware and removable media, malware infection through intranet and Internet, invasion through remote access, human sabotage or error, DDoS attacks, and cloud and extranet components being compromised.

show abstract

Achieving a consensual definition of phishing based on a systematic review of the literature

Cited by 84 publications

References 32 publications

Baiting the hook: factors impacting susceptibility to phishing attacks

Baiting the hook: factors impacting susceptibility to phishing attacks

Detecting Internet Phishing Attacks Using Data Mining Methods

Current Computer Network Security Issues/Threats

Contact Info

Product

Resources

About