Anti-phishing as a web-based user service
This paper describes the recent phenomenon of phishing, in which email messages are sent to unwitting recipients in order to elicit personal information and perpetrate identity theft and financial fraud. A variety of existing techniques for addressing this problem are detailed and a novel approach to the provision of phishing advice is introduced. This takes the form of a Web-based user service to which users may forward suspect email messages for inspection. The Anti-Phishing Web Service rates the suspect email and provides a Web-based report that the submitter may view. This approach promises benefits in the form of added security for the end-user and insight into the factors that are most revealing of phishing attacks.
An Empirical Assessment of Audio/Visual/Haptic Alerts and Warnings to Mitigate Risk of Phishing Susceptibility in Emails on Mobile Devices
Phishing emails present a threat to both personal and organizational data. Phishing is a cyber-attack using social engineering. About 94% of cybersecurity incidents are due to phishing and/or social engineering. A significant volume of prior literature documented that users are continuing to click on phishing links in emails, even after phishing awareness training. It appears there is a strong need for creative ways to alert and warn users to signs of phishing in emails.
The main goal of the experiments in this study was to measure participants’ time for recognizing signs of phishing in emails, thus, reducing susceptibility to phishing in emails on mobile devices. This study included three phases. The first phase included 32 Subject Matter Experts (SMEs) that provided feedback on the top signs of phishing in emails, audio/visual/haptic pairings with the signs of phishing, and developmental constructs toward a phishing alert and warning system. The second phase included a pilot study with five participants to validate a phishing alert and warning system prototype. The third phase included delivery of the Phishing Alert and Warning System, (PAWS Mobile App ™) with 205 participants.
The results of the first phase aligned the constructs for the alert and warning system. A female voice-over warning was chosen by the SMEs, as well as visual icon alerts for the top signs of phishing in emails. This study designed, developed, and empirically tested the PAWS Mobile App, which alerted and warned participants to the signs of phishing in emails on mobile devices. PAWS displayed a randomized series of 20 simulated emails to participants with varying displays of either no alerts and warnings, or a combination of alerts and warnings. The results indicated that audio alerts and visual warnings potentially lower phishing susceptibility in emails. Audio and visual warnings appeared to have assisted the study participants in noticing phishing emails more easily, and in less time, than without audio and visual warnings. The results of this study also indicated that alerts and warnings assisted participants in noticing distinct signs of phishing in the simulated phishing emails viewed. This study suggests that phishing email alerts and warnings applied and configured to email applications may play a significant role in the reduction of phishing susceptibility.
An Assay: Next Generation Automated Cyber Defense Mechanism against Advanced Phishing Attacks and Campaigns Using Threat Hunting and SOAR Capabilities
We are in a new era of cyber security: nowadays, many companies and organizations face issues with cybercriminals, whose attacks are becoming more creative and sophisticated, and 50-60% of those attacks and incidents come through phishing. Phishing is a type of attack that involves sending an email or making a similar attempt to obtain information from the recipient. One solution for detecting these attacks is threat hunting, but the whole process takes tedious manual effort and time. To avoid manual intervention and the large time investment, we have implemented a framework that uses different threat hunting approaches to conduct an in-depth analysis of phishing emails, integrates with Security Information and Event Management (SIEM) and Security Orchestration, Automation and Response (SOAR) tools, and performs automated threat intel detection using internal and external feeds. Here, we combine both automated workflows and human investigation to identify advanced persistent attacks. The experiments conducted ascertain that the proposed model can identify 80-90% of threats against any organization and generate accurate metrics and reports.
A Naturalistic Methodology for Assessing Susceptibility to Social Engineering Through Phishing
Phishing continues to be a prevalent social engineering attack. Attacks are relatively easy to set up and can target many people at low cost. This study presents a naturalistic field experiment that can be staged by organisations to determine their exposure. This exercise provides results with high ecological validity and can give organisations the information they need to craft countermeasures to social engineering risks. The study was conducted at a university campus in Kenya where 241 valid system users, also known as “insiders,” were targeted in a staged phishing experiment. The results show that 31.12% of the insiders are susceptible to phishing and 88% of them disclose passwords that grant access to attackers. This study outlines various ethical considerations that ensure such exercises do not present any actual harm. The design of data collection instruments is discussed in depth to allow organisations the opportunity to develop similar tools for routine threat assessment.
Can We Fight Social Engineering Attacks By Social Means? Assessing Social Salience as a Means to Improve Phish Detection
Phishing continues to be a problem for both individuals and organisations, with billions of dollars lost every year. We propose the use of nudges – more specifically, social saliency nudges that aim to highlight important information to the user when evaluating emails. We used a signal detection analysis to assess the effects of both sender saliency (highlighting important fields from the sender) and receiver saliency (showing the number of other users in receipt of the same email). Sender saliency improved phish detection but did not introduce any unwanted response bias. Users were asked to rate their confidence in their own judgements, and these confidence scores were poorly calibrated with actual performance, particularly for phishing (as opposed to genuine) emails. We also examined the role of impulsive behaviour in phish detection, concluding that those who score highly on dysfunctional impulsivity are less likely to detect the presence of phishing emails.
Prevention of Phishing Attacks Using AI-Based Cybersecurity Awareness Training
Machine learning has been described as an effective measure in avoiding most cyberattacks. The development of AI has therefore promoted increased security against most computer attacks. Phishing attacks are risky and can be prevented through AI-based solutions. This factor suggests the need for increased awareness of cybersecurity through AI. Developing awareness among most people will prevent these types of attacks. The research paper describes how awareness of AI-based cybersecurity could ensure a reduction in phishing attacks. The paper, therefore, showcases the effectiveness of AI-based cybersecurity awareness training and how it may influence cyber-attacks.
Password Cracking and Countermeasures in Computer Security: A Survey
With the rapid development of internet technologies, social networks, and other related areas, user authentication becomes more and more important to protect the data of users. Password authentication is one of the most widely used methods to authenticate legitimate users and defend against intruders. Many password cracking methods have been developed over the past years, and people have been designing countermeasures against password cracking all the time. However, we find that little survey work on password cracking research has been done. This paper gives a brief review of password cracking methods, important technologies of password cracking, and the countermeasures against password cracking, which are usually designed at two stages: the password design stage (e.g. user education, dynamic passwords, use of tokens, computer generation) and after the design (e.g. reactive password checking, proactive password checking, password encryption, access control). The main objective of this work is to offer beginning IT security professionals and general audiences some knowledge about computer security and password cracking, and to promote the development of this area.
Applying Cyber Threat Intelligence to Industrial Control Systems
A cybersecurity initiative known as cyber threat intelligence (CTI) has recently been developed and deployed. The overall goal of this new technology is to help protect network infrastructures. Threat intelligence platforms (TIPs) have also been created to help facilitate CTI effectiveness within organizations. There are many benefits that both can achieve within the information technology (IT) sector. The industrial control system (ICS) sector can also benefit from these technologies, as most ICS networks are connected to IT networks. CTI and TIPs become resourceful when using indicators of compromise (IOCs) from known ICS malware attacks and an open source intrusion detection system (IDS). This research shows how these IT-based technologies may help protect ICS. Three known malware attack scenarios are used to showcase their likely deployment. These scenarios are well-documented campaigns that targeted ICS environments and consisted of numerous IOCs. Equipped with this data, critical asset owners can obtain situational awareness of potential attacks and protect their devices with the proper implementation of CTI and TIP technologies.
Checking, Nudging or Scoring? Evaluating e-Mail User Security Tools
Phishing e-mail threats are increasing in sophistication. Technical measures alone do not fully prevent users from falling for them, and common e-mail interfaces provide little support for users to check an e-mail’s legitimacy. We designed three e-mail user security tools to improve phishing detection within a common e-mail interface and provide a formative evaluation of the usability of these features: two psychological nudges to alert users to suspicious e-mails and a “check” button to enable users to verify an e-mail’s legitimacy. Professional e-mail users (N = 27) found the “suspicion score” nudge and “check” button the most useful. These alerted users to suspicious e-mails, without harming their productivity, and helped users assert trust in legitimate ones. The other nudge was too easily ignored or too disruptive to be effective. We also found that users arrive at erroneous judgements due to differing interpretations of e-mail details, even though two-thirds of them had completed cybersecurity training before. These findings show that usable, and therefore effective, e-mail user security tools can be developed by leveraging cues of legitimacy that augment existing user behaviour, instead of emphasising technical security training.
Broadbandmatters.com: Recommended Broadband News from Around the Web, February 2, 2018
Weekly newsletter produced by the Iowa Communications Network Department. This newsletter includes information about all of the different matters that are going on in the state of Iowa.