Phishing Phishers - Observing and Tracing Organized Cybercrime

Birk, Dominik; Gajek, Sebastian; Gröbert, Felix; Sadeghi, Ahmad-Reza

doi:10.1109/icimp.2007.33

Cited by 24 publications

(16 citation statements)

References 12 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…Regarding financial cybercrimes specifically, Birk et al (2007) referred to organised cybercrime in cases of identity theft through phishing, but organisational structures are not analysed in their study. More recently, Hutchings' study on computer crimes compromising data and financial security (Hutchings 2014) suggested that many cyber offenders are highly networked, cooperate with each other to commit offences, and learn their behaviour from others.…”

Section: Cyber Oc: Success and Criticism Of A Conceptmentioning

confidence: 99%

“…Some publications suggested that organised crime (hereafter, OC) is or might be involved in financial cybercrimes (to name a few, Williams 2001;Birk et al 2007;Grabosky 2015), which would have important policing implications, but evidence-based research on this point is still scarce and inconclusive. When it comes to criminal networks active in cyberspace, in fact, some researchers are increasingly adopting the OC narrative to describe a broad range of offenders (for instance, McGuire 2012).…”

mentioning

confidence: 99%

See 1 more Smart Citation

Organised Cybercrime or Cybercrime that is Organised? An Assessment of the Conceptualisation of Financial Cybercrime as Organised Crime

Leukfeldt

Lavorgna

Kleemans

2016

Eur J Crim Policy Res

View full text Add to dashboard Cite

Criminological research over the last couple of decades has improved our understanding of cybercrimes. However, this body of research is regarded as still theoretically thin and not fully developed; more knowledge on the actors involved, their characteristics, and modus operandi is needed. Some publications recently suggested that organised crime is or might be involved in cybercrimes, which would have important policing implications, but evidence-based research on this point is still scarce and inconclusive. This article seeks to further this path of inquiry by providing a systematic analysis of 40 cases from The Netherlands, Germany, UK, and USA where criminal networks were involved in financial cybercrimes affecting the banking sector. It also assesses whether and to what extent these criminal networks meet the definitions of organised crime and discusses the theoretical and policing implications of our findings.

show abstract

Section: Cyber Oc: Success and Criticism Of A Conceptmentioning

confidence: 99%

mentioning

confidence: 99%

Organised Cybercrime or Cybercrime that is Organised? An Assessment of the Conceptualisation of Financial Cybercrime as Organised Crime

Leukfeldt

Lavorgna

Kleemans

2016

Eur J Crim Policy Res

View full text Add to dashboard Cite

show abstract

“…However, their solution takes effect only after a certain number of users become victims of a phishing attack. Birk et al [15] proposed a technique to inject fingerprinted credentials to phishing sites in order to trace those stolen credentials and reveal the phisher's identity.…”

Section: Related Workmentioning

confidence: 99%

Gemini: An Emergency Line of Defense against Phishing Attacks

Wang

Jajodia

2014

2014 IEEE 33rd International Symposium on Reliable Distributed Systems

View full text Add to dashboard Cite

This paper proposes a simple but very effective approach called Gemini to prevent victim users from exposing sensitive credentials to a phishing site. As an emergency line of defense, Gemini assumes that a victim user is already deceived into a phishing site and starts the user authentication procedure. Gemini springs into action once the username field is filled in, and tackles the phishing problem from a new perspective. In particular, by exploiting username input, Gemini is able to provide more accurate detection of a phishing site and much stronger protection for a password, the most confidential and crucial information for user authentication. To validate the efficacy of Gemini, we implement different prototypes of Gemini as a browser extension for IE, Firefox, and Chrome, respectively, and conduct extensive live experiments over various legitimate and phishing websites for more than one month. Our experimental results show that Gemini can achieve zero false negative rate and less than 1% false positive rate, and Gemini can effectively block the access to a phishing site before a victim user begins to enter in a password. Moreover, Gemini is complementary to existing antiphishing tools. The performance overhead induced by Gemini is minor and has a negligible effect upon users' browsing activities.

show abstract

“…A smurf, or more commonly termed money mule, is recruited by fraudsters as a financial intermediary who accepts money from one fraudster and forwards it to another fraudster for a fee. Mules are often engaged through the use of phishing strategies, such as bogus jobs, and not aware that they are dragged into illegal activities [9].…”

Section: Introductionmentioning

confidence: 99%

No Smurfs: Revealing Fraud Chains in Mobile Money Transfers

Zhdanova

Repp

Rieke

et al. 2014

2014 Ninth International Conference on Availability, Reliability and Security

View full text Add to dashboard Cite

Abstract-Mobile Money Transfer (MMT) services provided by mobile network operators enable funds transfers made on mobile devices of end-users, using digital equivalent of cash (electronic money) without any bank accounts involved. MMT simplifies banking relationships and facilitates financial inclusion, and, therefore, is rapidly expanding all around the world, especially in developing countries. MMT systems are subject to the same controls as those required for financial institutions, including the detection of Money Laundering (ML) -a source of concern for MMT service providers. In this paper we focus on an often practiced ML technique known as micro-structuring of funds or smurfing and introduce a new method for detection of fraud chains in MMT systems. Whereas classical detection methods are based on machine learning and data mining, this work builds on Predictive Security Analysis at Runtime (PSA@R), a modelbased approach for event-driven process analysis. We provide an extension to PSA@R which allows us to identify fraudsters in an MMT service monitoring network behavior of its endusers. We evaluate our method on simulated transaction logs, containing approximately 460,000 transactions for 10,000 endusers, and compare it with classical fraud detection approaches. With 99.81% precision and 90.18% recall, we achieve better recognition performance in comparison with the state of the art.

show abstract

Phishing Phishers - Observing and Tracing Organized Cybercrime

Cited by 24 publications

References 12 publications

Organised Cybercrime or Cybercrime that is Organised? An Assessment of the Conceptualisation of Financial Cybercrime as Organised Crime

Organised Cybercrime or Cybercrime that is Organised? An Assessment of the Conceptualisation of Financial Cybercrime as Organised Crime

Gemini: An Emergency Line of Defense against Phishing Attacks

No Smurfs: Revealing Fraud Chains in Mobile Money Transfers

Contact Info

Product

Resources

About