Commercial Anti-Smishing Tools and Their Comparative Effectiveness Against Modern Threats

Smishing, also known as SMS phishing, is a type of fraudulent communication in which an attacker disguises SMS communications to deceive a target into providing their sensitive data. Smishing attacks use a variety of tactics; however, they have a similar goal of stealing money or personally identifying information (PII) from a victim. In response to these attacks, a wide variety of anti-smishing tools have been developed to block or filter these communications. Despite this, the number of phishing attacks continue to rise. In this paper, we developed a test bed for measuring the effectiveness of popular anti-smishing tools against fresh smishing attacks. To collect fresh smishing data, we introduce Smishtank.com, a collaborative online resource for reporting and collecting smishing data sets. The SMS messages were validated by a security expert and an in-depth qualitative analysis was performed on the collected messages to provide further insights. To compare tool effectiveness, we experimented with 20 smishing and benign messages across 3 key segments of the SMS messaging delivery ecosystem. Our results revealed significant room for improvement in all 3 areas against our smishing set. Most anti-phishing apps and bulk messaging services didn't filter smishing messages beyond the carrier blocking. The 2 apps that blocked the most smish also blocked 85-100\% of benign messages. Finally, while carriers did not block any benign messages, they were only able to reach a 25-35\% blocking rate for smishing messages. Our work provides insights into the performance of anti-smishing tools and the roles they play in the message blocking process. This paper would enable the research community and industry to be better informed on the current state of anti-smishing technology on the SMS platform

Are Current CCPA Compliant Banners Conveying User's Desired Opt-Out Decisions? An Empirical Study of Cookie Consent Banners

The California Consumer Privacy Act (CCPA) secures the right to Opt-Out for consumers in California. However, websites may implement complex consent mechanisms that potentially do not capture the user's true choices. We investigated the user choices in Cookie Consent Banner of US residents, the plurality of whom were from California, through an online experiment of 257 participants and compared the results with how they perceived to these Cookie Consent Banner. Our results show a contradiction between how often participants self-report their Opt-Out rates and their actual Opt-Out rate when interacting with a complex, CCPA-compliant website. This discrepancy expands the context with which modern websites may implement the CCPA without providing users sufficient information or instruction on how to successfully Opt-Out. We further elaborate on how US residents respond to and perceive the GDPR-like Opt-In model. Our results indicate that even though very few consumers actually exercised their right to Opt-Out, the majority of US consumers desire more transparent privacy policies that the current implementation of CCPA on websites lacks

Users really do respond to smishing

Text phish messages, referred to as Smishing is a type of social engineering attack where fake text messages are created, and used to lure users into responding to those messages. These messages aim to obtain user credentials, install malware on the phones, or launch smishing attacks. They ask users to reply to their message, click on a URL that redirects them to a phishing website, or call the provided number. Thousands of mobile users are affected by smishing attacks daily. Drawing inspiration by the works of Tu et al. (USENIX Security, 2019) on Robocalls and Tischer et al. (IEEE Symposium on Security and Privacy, 2016) on USB drives, this paper investigates why smishing works. Accordingly, we designed smishing experiments and sent phishing SMSes to 265 users to measure the efficacy of smishing attacks. We sent eight fake text messages to participants and recorded their CLICK, REPLY, and CALL responses along with their feedback in a post-test survey. Our results reveal that 16.92% of our participants had potentially fallen for our smishing attack. To test repeat phishing, we subjected a set of randomly selected participants to a second round of smishing attacks with a different message than the one they received in the first round. As a result, we observed that 12.82% potentially fell for the attack again. Using logistic regression, we observed that a combination of user REPLY and CLICK actions increased the odds that a user would respond to our smishing message when compared to CLICK. Additionally, we found a similar statistically significant increase when comparing Facebook and Walmart entity scenario to our IRS baseline.Comment: CODASPY'2

Blind Channel Equalization with Amplitude Banded Godard and Sato Algorithms

Abstract—The least-mean-squares (LMS) algorithm which updates the filter coefficients by a stochastic gradient descent approach is the most popular adaptive filtering one. In this paper we propose a novel amplitude banded (AB) technique with LMS on Godard (ABGodard) and Sato (ABSato) algorithms for the equalization of communication channels. The non-linear properties of the AB technique with LMS algorithm are inherited into the ABGodard and ABSato algorithms, resulting in an improvement of equalization performance. These properties are validated from a signal separation aspect based on decision boundary. Mean square error (MSE) and bit error rate (BER) are investigated on several communication channel models. Observations on simulations show that the ABGodard and ABSato algorithms provide better performance than the standard Godard and Sato algorithms, respectively, and that the ABSato algorithm is superior to the ABGodard algorithm. As the division number used for the AB technique is increased, the MSE and BER performances of the ABSato algorithm are improved. A parallel structure of the Sato and ABSato algorithms provides a further improvement of the MSE and BER performances

Heavy metals removal from water by efficient adsorbents

Natural occurrence and anthropogenic practices contribute to the release of pollutants, specifically heavy metals, in water over the years. Therefore, this leads to a demand of proper water treatment to minimize the harmful effects of the toxic heavy metals in water, so that a supply of clean water can be distributed into the environment or household. This review highlights several water treatment methods that can be used in removing heavy metal from water. Among various treatment methods, the adsorption process is considered as one of the highly effective treatments of heavy metals and the functionalization of adsorbents can fully enhance the adsorption process. Therefore, four classes of adsorbent sources are highlighted: polymeric, natural mineral, industrial by-product, and carbon nanomaterial adsorbent. The major purpose of this review is to gather up-to-date information on research and development on various adsorbents in the treatment of heavy metal from water by emphasizing the adsorption capability, effect of pH, isotherm and kinetic model, removal efficiency and the contact of time of every adsorbent

Synthesis of polymeric chelating ligands from sago starch for metal removal from electroplating wastewater

30-37Polymeric chelating ligands containing hydroxamic acid and amidoxime ligands have been synthesized from poly(methyl acrylate-co-acrylonitrile) grafted sago starch. Batch adsorption has been performed to identify the binding property of metal ions. <span style="mso-ansi-language: EN-US;mso-bidi-language:BN" lang="EN-US">Maximum sorption capacity of copper is found to be 2.80 mmol g-1, however other transition metals has good sorption capacity with this ligands. The rate of exchange of some metals is found to be fast, i.e. t½ 6 min (average). Three types of wastewater containing chromium, zinc, nickel, copper, and iron have been used in this study. The metal recovery is found to be high, and more than 99% of the metals could be removed from the metal plating wastewater. Polymeric chelating ligands could be used to remove the metals from wastewater. </span

Production of biogas from poultry litter mixed with the co-substrate cow dung

Poultry litter (a mixture of rice hulls, sawdust and chicken excreta of broilers) mixed with the co-substrate cow dung and poultry droppings was evaluated under anaerobic conditions for the production of biogas (methane). Four laboratory scale reactors, R1, R2, R3 and R4, were set up with different proportions of waste poultry litter, cow dung and poultry droppings and had a 6% total solid concentration. Digestion was carried out for 50 days at room temperature, 32 ± 3 °C. Volatile solid degradation and specific gas production in the four reactors was 46%, 51.99%, 51.96%, 43% and 0.263, 0.469, 0.419, 0.221 l/g, respectively, based on the volatile solid (VS) feed. The methane yields were 71%, 72.5%, 72.6% and 70%, respectively. The COD reductions were 46.1%, 50.76%, 48.23% and 45.12%, respectively. A kinetic analysis showed that the anaerobic digestion of poultry litter with a co-substrate followed first order kinetics. Among the experimental reactors, R2 (25% cow dung, 75% poultry litter) gave the optimum results: a VS reduction of 51.99%, a specific gas yield of 0.469 l/g and a methane yield of 72.5%