scispace - formally typeset
Topic

Phishing

About: Phishing is a(n) research topic. Over the lifetime, 5064 publication(s) have been published within this topic receiving 80213 citation(s). The topic is also known as: phishing attack.

...read more

Papers
More filters

Proceedings ArticleDOI
22 Apr 2006-
TL;DR: This paper provides the first empirical evidence about which malicious strategies are successful at deceiving general users by analyzing a large set of captured phishing attacks and developing a set of hypotheses about why these strategies might work.

...read more

Abstract: To build systems shielding users from fraudulent (or phishing) websites, designers need to know which attack strategies work and why. This paper provides the first empirical evidence about which malicious strategies are successful at deceiving general users. We first analyzed a large set of captured phishing attacks and developed a set of hypotheses about why these strategies might work. We then assessed these hypotheses with a usability study in which 22 participants were shown 20 web sites and asked to determine which ones were fraudulent. We found that 23% of the participants did not look at browser-based cues such as the address bar, status bar and the security indicators, leading to incorrect choices 40% of the time. We also found that some visual deception attacks can fool even the most sophisticated users. These results illustrate that standard security indicators are not effective for a substantial fraction of users, and suggest that alternative approaches are needed.

...read more

1,281 citations


Journal ArticleDOI
TL;DR: Sometimes a "friendly" email message tempts recipients to reveal more online than they otherwise would, playing right into the sender's hand.

...read more

Abstract: Sometimes a "friendly" email message tempts recipients to reveal more online than they otherwise would, playing right into the sender's hand.

...read more

953 citations


Proceedings ArticleDOI
Yue Zhang1, Jason Hong2, Lorrie Faith Cranor2Institutions (2)
08 May 2007-
TL;DR: The design, implementation, and evaluation of CANTINA, a novel, content-based approach to detecting phishing web sites, based on the TF-IDF information retrieval algorithm, are presented.

...read more

Abstract: Phishing is a significant problem involving fraudulent email and web sites that trick unsuspecting users into revealing private information. In this paper, we present the design, implementation, and evaluation of CANTINA, a novel, content-based approach to detecting phishing web sites, based on the TF-IDF information retrieval algorithm. We also discuss the design and evaluation of several heuristics we developed to reduce false positives. Our experiments show that CANTINA is good at detecting phishing sites, correctly labeling approximately 95% of phishing sites.

...read more

733 citations


Journal ArticleDOI
Ross Anderson1, Tyler Moore1Institutions (1)
27 Oct 2006-Science
TL;DR: The economics of information security has recently become a thriving and fast-moving discipline and provides valuable insights into more general areas such as the design of peer-to-peer systems, the optimal balance of effort by programmers and testers, why privacy gets eroded, and the politics of digital rights management.

...read more

Abstract: The economics of information security has recently become a thriving and fast-moving discipline. As distributed systems are assembled from machines belonging to principals with divergent interests, we find that incentives are becoming as important as technical design in achieving dependability. The new field provides valuable insights not just into "security" topics (such as bugs, spam, phishing, and law enforcement strategy) but into more general areas such as the design of peer-to-peer systems, the optimal balance of effort by programmers and testers, why privacy gets eroded, and the politics of digital rights management.

...read more

674 citations


Proceedings ArticleDOI
04 Oct 2010-
TL;DR: A characterization of spam on Twitter finds that 8% of 25 million URLs posted to the site point to phishing, malware, and scams listed on popular blacklists, and examines whether the use of URL blacklists would help to significantly stem the spread of Twitter spam.

...read more

Abstract: In this work we present a characterization of spam on Twitter. We find that 8% of 25 million URLs posted to the site point to phishing, malware, and scams listed on popular blacklists. We analyze the accounts that send spam and find evidence that it originates from previously legitimate accounts that have been compromised and are now being puppeteered by spammers. Using clickthrough data, we analyze spammers' use of features unique to Twitter and the degree that they affect the success of spam. We find that Twitter is a highly successful platform for coercing users to visit spam pages, with a clickthrough rate of 0.13%, compared to much lower rates previously reported for email spam. We group spam URLs into campaigns and identify trends that uniquely distinguish phishing, malware, and spam, to gain an insight into the underlying techniques used to attract users.Given the absence of spam filtering on Twitter, we examine whether the use of URL blacklists would help to significantly stem the spread of Twitter spam. Our results indicate that blacklists are too slow at identifying new threats, allowing more than 90% of visitors to view a page before it becomes blacklisted. We also find that even if blacklist delays were reduced, the use by spammers of URL shortening services for obfuscation negates the potential gains unless tools that use blacklists develop more sophisticated spam filtering.

...read more

592 citations


Network Information
Related Topics (5)
Malware

14.4K papers, 268K citations

89% related
Information security

25.2K papers, 327.7K citations

89% related
Access control

32.6K papers, 475K citations

88% related
Password

35K papers, 389.6K citations

88% related
Denial-of-service attack

10.2K papers, 157.8K citations

87% related
Performance
Metrics
No. of papers in the topic in previous years
YearPapers
202211
2021484
2020542
2019477
2018422
2017356

Top Attributes

Show by:

Topic's top 5 most impactful authors

Nalin Asanka Gamagedara Arachchilage

19 papers, 650 citations

Markus Jakobsson

17 papers, 1.5K citations

Ponnurangam Kumaraguru

17 papers, 1.7K citations

Christopher B. Mayhorn

13 papers, 266 citations

Rakesh M. Verma

13 papers, 243 citations