A socio-cognitive and computational model for decision making and user modelling in social phishing

Systems software quality, and system security in particular, is often compromised by phishing attacks. The latter were relatively easy to detect through phishing content filters, in the past. However, it has been increasingly difficult to stop more recent and sophisticated social phishing attacks. To protect the citizens from new types of phishing attacks, software quality engineers need to provide equally sophisticating preventive technology that models people’s reactions. The authors considered the behaviour of people on the Internet from a socio-cognitive perspective and deduced who could be more prone to be spoofed by social phishing techniques. The authors herein propose a computational and interdisciplinary metamodelling methodology, which can assist in capturing and understanding people’s interactive behaviour when they are online. Online behaviour can reveal Internet users’ knowledge, information, and beliefs in a given social context; these could also constitute significant factors for trust in social phishing circumstances which, in turn, can provide valuable insights and decision making meta-knowledge for recognition of potential victims of phishers. The proposed modelling approach is illustrated and explained using real-life phishing cases. This meta-model can i) help social computing and phishing researchers to understand users’ trust decisions from a socio-cognitive perspective, and ii) open ways to integrate artificial intelligence design techniques within software quality management practices in order to protect citizens from being spoofed by social phishing attacks. Thus, this software design quality approach will increase system security as a proactive maintenance strategy

User experiences of TORPEDO: TOoltip-poweRed Phishing Email DetectiOn

We propose a concept called TORPEDO to improve phish detection by providing just-in-time and just-in-place trustworthy tooltips. These help people to identify phish links embedded in emails. TORPEDO's tooltips contain the actual URL with the domain highlighted. Link activation is delayed for a short period, giving the person time to inspect the URL before they click on a link. Furthermore, TORPEDO provides an information diagram to explain phish detection. We evaluated TORPEDO's effectiveness, as compared to the worst case “status bar” as provided by other Web email interfaces. People using TORPEDO performed significantly better in detecting phishes and identifying legitimate emails (85.17% versus 43.31% correct answers for phish). We then carried out a field study with a number of TORPEDO users to explore actual user experiences of TORPEDO. We conclude the paper by reporting on the outcome of this field study and suggest improvements based on the feedback from the field study participants

Experimental Case Studies for Investigating E-Banking Phishing Techniques and Attack Strategies

Phishing is a form of electronic identity theft in which a combination of social engineering and web site spoofing techniques are used to trick a user into revealing confidential information with economic value. The problem of social engineering attack is that there is no single solution to eliminate it completely, since it deals largely with the human factor. This is why implementing empirical experiments is very crucial in order to study and to analyze all malicious and deceiving phishing website attack techniques and strategies. In this paper, three different kinds of phishing experiment case studies have been conducted to shed some light into social engineering attacks, such as phone phishing and phishing website attacks for designing effective countermeasures and analyzing the efficiency of performing security awareness about phishing threats. Results and reactions to our experiments show the importance of conducting phishing training awareness for all users and doubling our efforts in developing phishing prevention techniques. Results also suggest that traditional standard security phishing factor indicators are not always effective for detecting phishing websites, and alternative intelligent phishing detection approaches are needed

Detecting Phishing Web Pages using NB classifier and EMD Approach

Phishing is online security attack where attacker create replica of exiting web page for accessing users password, personal, financial data. Phishing is a form of online fraudulent activity in which an attacker aims to steal a victim’s personal information, such as a bank account, online banking password or a credit card number. Targets are tricked into providing such information by a combination of spoofing techniques and social engineering. We have proposed a new approach named as "Anti phishing framework using Bayesian approach for content based phishing web page detection. Our model used to detect the similarity between suspicious web page and secure web page through image and text contained by the web page. Text classifier, an image classifier and fusion algorithm the result from classifier are introduced. In the text classifier naive Bayes algorithm is used to calculate the Probability, an image classifier the earth mover’s distance algorithm is used to measure the visual Similarity and our Bayesian model is designed to determine the threshold. In data fusion detection for image classifier and text classifier means how many web site image and text are matched exactly. If any web page contains above 50% spam text and image so we are declare these web sites are phishing other-wise not phishing. DOI: 10.17762/ijritcc2321-8169.15013

Reducing risky security behaviours:utilising affective feedback to educate users

Despite the number of tools created to help end-users reduce risky security behaviours, users are still falling victim to online attacks. This paper proposes a browser extension utilising affective feedback to provide warnings on detection of risky behaviour. The paper provides an overview of behaviour considered to be risky, explaining potential threats users may face online. Existing tools developed to reduce risky security behaviours in end-users have been compared, discussing the success rate of various methodologies. Ongoing research is described which attempts to educate users regarding the risks and consequences of poor security behaviour by providing the appropriate feedback on the automatic recognition of risky behaviour. The paper concludes that a solution utilising a browser extension is a suitable method of monitoring potentially risky security behaviour. Ultimately, future work seeks to implement an affective feedback mechanism within the browser extension with the aim of improving security awareness

Trends in Phishing Attacks: Suggestions for Future Research

Deception in computer-mediated communication is a widespread phenomenon. Cyber criminals are exploiting technological mediums to communicate with potential targets as these channels reduce both the deception cues and the risk of detection itself. A prevalent deception-based attack in computer-mediated communication is phishing. Prior phishing research has addressed the “bait” and “hook” components of phishing attacks, the human-computer interaction that takes place as users judge the veracity of phishing emails and websites, and the development of technologies that can aid users in identifying and rejecting these attacks. Despite the extant research on this topic, phishing attacks continue to be successful as tactics evolve rendering existing research less relevant, and users disregard the recommendations of automated phishing tools. This paper summarizes the core of phishing research, provides an update on trending attack methods, and proposes future research addressing computer credibility in a phishing context

Fighting phishing at the user interface

Thesis (Ph. D.)--Massachusetts Institute of Technology, Dept. of Electrical Engineering and Computer Science, 2006.Includes bibliographical references (p. 193-199).The problem that this thesis concentrates on is phishing attacks. Phishing attacks use email messages and web sites designed to look as if they come from a known and legitimate organization, in order to deceive users into submitting their personal, financial, or computer account information online at those fake web sites. Phishing is a semantic attack. The fundamental problem of phishing is that when a user submits sensitive information online under an attack, his mental model about this submission is different from the system model that actually performs this submission. Specifically, the system sends the data to a different web site from the one where the user intends to submit the data. The fundamental solution to phishing is to bridge the semantic gap between the user's mental model and the system model. The user interface is where human users interact with the computer system. It is where a user's intention transforms into a system operation. It is where the semantic gap happens under phishing attacks. And therefore, it is where the phishing should be solved. There are two major approaches to bridge the semantic gap at the user interface. One approach is to reflect the system model to the user.(cont.) Anti-phishing toolbars and the browser's security indicators take this approach. User studies in this thesis show that this approach is not effective at preventing phishing. Users are required to constantly pay attention to the toolbar and are expected to have the expertise to always correctly interpret the toolbar message. Normal users meet neither of these requirements. The other approach is to let users tell the system their intentions when they are submitting data online. The system can then check if the actual submission meets the user's intention or not. If there is a semantic gap, the system can effectively warn the user about this discrepancy and provide a safe path to the user's intended site. Web Wallet, designed and implemented as a new anti-phishing solution, takes this a~pproach. It is a dedicated browser sidebar for users to submit their sensitive information online. User studies in this thesis shows that Web Wallet is not only an effective and promising anti-phishing solution but also a usable personal information manager.by Min Wu.Ph.D