Why is phishing still successful?

Bhardwaj, Akashdeep; Sapra, Varun; Kumar, Aman; Kumar, N. Praveen; Arthi, S

doi:10.1016/s1361-3723(20)30098-1

Cited by 26 publications

(18 citation statements)

References 1 publication

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…Porém, um grave problema é que os crimes relacionados ao COVID-19 estão evoluindo e se adequando às mudanças situacionais da pandemia [23], o que facilita ludibriar os usuários. Isso é ressaltado por Bhardwaj et al [24], que afirmam que 60% das brechas de dados são causadas por erro humano, e corroborado por outros autores, que mapeiam os seguintes problemas relacionados: número de usuários inexperientes usando o espaço cibernético com maior frequência [7,25,26]; idosos que são inseguros ao lidar com questões de segurança cibernética [27]; pessoas que escolhem ignorar a atualização de seus dispositivos [3,25]; questões quanto ao trabalho remoto, como dispositivos próprios que normalmente são menos seguros que os da empresa [8,13,25]; XII Computer on the Beach 7 a 9 de Abril de 2021, Online, SC, Brasil Beppler et al…”

Section: Crimes Cibernéticos E Covid-19unclassified

“…Ataques por phishing são o tipo de crime com maior taxa de aumento [28] e representam mais de 80% dos incidentes cibernéticos [5,29]. O objetivo é atrair e enganar uma vítima para obter o máximo de informações possível [24] e os ataques mais eficazes são aqueles que afetam emoções e preocupações [28]. Phishing é geralmente associado a malware, pois muitas vezes a engenharia social é utilizada para que a vítima faça o download de programas maliciosos [11].…”

Section: Phishingunclassified

“…Phishing é geralmente associado a malware, pois muitas vezes a engenharia social é utilizada para que a vítima faça o download de programas maliciosos [11]. Bhardwaj et al [24] afirmam que 90% dos e-mails de phishing são detectados pelos gateways dos próprios servidores de e-mail, mas os 10% restantes foram responsáveis por mais de 170.000 incidentes dentro de organizações dos EUA. Para ele, servidores de e-mail só impedem os níveis mais básicos de phishing.…”

Section: Phishingunclassified

“…Os ataques são, em geral, de baixo custo [12], com taxa de sucesso razoavelmente alta (cerca de US$17.700 são perdidos por minuto) [5]. No Brasil, em 10 meses de 2019, esses ataques cresceram 232% [24].…”

Section: Phishingunclassified

“…Naidoo [23] e Swasey [22] afirmam que os ataques de phishing relacionados ao vírus aumentaram 667%. Só em abril foram enviados 18 milhões de de e-mails relacionados ao COVID-19 [12,[22][23][24]. Muitas campanhas utilizam o remetente do e-mail de organizações da saúde reconhecidas, como da OMS (WHO em inglês).…”

Section: Phishingunclassified

See 4 more Smart Citations

Notícias Falsas, Dano Real: Levantamento, Análise e Discussão de Phishing, Malware e Fake News sobre COVID-19

Beppler

Yada

Bona

et al. 2021

Anais Do XII Computer on the Beach - COTB '21

View full text Add to dashboard Cite

Coronavirus pandemic (COVID-19) has been one of the most trendingtopics in 2020’s overall media. The virus’ first registers dateback to December 2019 in China, and its spread has affected morethan 50 million people around the world. Since social distance is themost advisable recommendation by health organizations, companiesmassively adopted remote work. The Internet became a hugeallied for several jobs maintenance, but it also increased social engineeringattacks based on the COVID-19 topic to steal sensitiveinformation and/or spread malicious code. In this paper, we reviewthe literature about phishing, malware and fake news that takeadvantage of COVID-19 to distress users and organizations in orderto accomplish cyber attacks, and discuss their implications.

show abstract

Section: Crimes Cibernéticos E Covid-19unclassified

Section: Phishingunclassified

See 3 more Smart Citations

Notícias Falsas, Dano Real: Levantamento, Análise e Discussão de Phishing, Malware e Fake News sobre COVID-19

Beppler

Yada

Bona

et al. 2021

Anais Do XII Computer on the Beach - COTB '21

View full text Add to dashboard Cite

show abstract

Replacing Human Input in Spam Email Detection Using Deep Learning

Nicho

Majdani

McDermott

2022

Lecture Notes in Computer Science

View full text Add to dashboard Cite

The Covid-19 pandemic has been a driving force for a substantial increase in online activity and transactions across the globe. As a consequence, cyber-attacks, particularly those leveraging email as the preferred attack vector, have also increased exponentially since Q1 2020. Despite this, email remains a popular communication tool. Previously, in an effort to reduce the amount of spam entering a users inbox, many email providers started to incorporate spam filters into their products. However, many commercial spam filters rely on a human to train the filter, leaving a margin of risk if sufficient training has not occurred. In addition, knowing this, hackers employ more targeted and nuanced obfuscation methods to bypass in-built spam filters. In response to this continued problem, there is a growing body of research on the use of machine learning techniques for spam filtering. In many cases, detection results have shown great promise, but often still rely on human input to classify training datasets. In this study, we explore specifically the use of deep learning as a method of reducing human input required for spam detection. First, we evaluate the efficacy of popular spam detection methods/tools/techniques (freeware). Next, we narrow down machine learning techniques to select the appropriate method for our dataset. This was then compared with the accuracy of freeware spam detection tools to present our results. Our results showed that our deep learning model, based on simple word embedding and global max pooling (SWEM-max) had higher accuracy (98.41%) than both Thunderbird (95%) and Mailwasher (92%) which are based on Bayesian spam filtering. Finally, we postulate whether this improvement is enough to accept the removal of human input in spam email detection.

show abstract

Phishing Attack Victims and the Effect on Work Engagement

Werner

Njenga

2023

Communications in Computer and Information Science

View full text Add to dashboard Cite

Why is phishing still successful?

Cited by 26 publications

References 1 publication

Notícias Falsas, Dano Real: Levantamento, Análise e Discussão de Phishing, Malware e Fake News sobre COVID-19

Notícias Falsas, Dano Real: Levantamento, Análise e Discussão de Phishing, Malware e Fake News sobre COVID-19

Replacing Human Input in Spam Email Detection Using Deep Learning

Phishing Attack Victims and the Effect on Work Engagement

Contact Info

Product

Resources

About