Search results
1 – 10 of 101Tulsi Pawan Fowdur, M.A.N. Shaikh Abdoolla and Lokeshwar Doobur
The purpose of this paper is to perform a comparative analysis of the delay associated in running two real-time machine learning-based applications, namely, a video quality…
Abstract
Purpose
The purpose of this paper is to perform a comparative analysis of the delay associated in running two real-time machine learning-based applications, namely, a video quality assessment (VQA) and a phishing detection application by using the edge, fog and cloud computing paradigms.
Design/methodology/approach
The VQA algorithm was developed using Android Studio and run on a mobile phone for the edge paradigm. For the fog paradigm, it was hosted on a Java server and for the cloud paradigm on the IBM and Firebase clouds. The phishing detection algorithm was embedded into a browser extension for the edge paradigm. For the fog paradigm, it was hosted on a Node.js server and for the cloud paradigm on Firebase.
Findings
For the VQA algorithm, the edge paradigm had the highest response time while the cloud paradigm had the lowest, as the algorithm was computationally intensive. For the phishing detection algorithm, the edge paradigm had the lowest response time, and the cloud paradigm had the highest, as the algorithm had a low computational complexity. Since the determining factor for the response time was the latency, the edge paradigm provided the smallest delay as all processing were local.
Research limitations/implications
The main limitation of this work is that the experiments were performed on a small scale due to time and budget constraints.
Originality/value
A detailed analysis with real applications has been provided to show how the complexity of an application can determine the best computing paradigm on which it can be deployed.
Tianhao Xu and Prashanth Rajivan
Distinguishing phishing emails from legitimate emails continues to be a difficult task for most individuals. This study aims to investigate the psycholinguistic factors associated…
Abstract
Purpose
Distinguishing phishing emails from legitimate emails continues to be a difficult task for most individuals. This study aims to investigate the psycholinguistic factors associated with deception in phishing email text and their effect on end-user ability to discriminate phishing emails from legitimate emails.
Design/methodology/approach
Email messages and end-user decisions collected from a laboratory phishing study were validated and analyzed using natural language processing methods (Linguistic Inquiry Word Count) and penalized regression models (LASSO and Elastic Net) to determine the linguistic dimensions that attackers may use in phishing emails to deceive end-users and measure the impact of such choices on end-user susceptibility to phishing.
Findings
We found that most participants, who played the role of a phisher in the study, chose to deceive their end-user targets by pretending to be a familiar individual and presenting time pressure or deadlines. Results show that use of words conveying certainty (e.g. always, never) and work-related features in the phishing messages predicted higher end-user vulnerability. On the contrary, use of words that convey achievement (e.g. earn, win) or reward (cash, money) in the phishing messages predicted lower end-user vulnerability because such features are usually observed in scam-like messages.
Practical implications
Insights from this research show that analyzing emails for psycholinguistic features associated with computer-mediated deception could be used to fine-tune and improve spam and phishing detection technologies. This research also informs the kinds of phishing attacks that must be prioritized in antiphishing training programs.
Originality/value
Applying natural language processing and statistical modeling methods to analyze results from a laboratory phishing experiment to understand deception from both attacker and end-user is novel. Furthermore, results from this work advance our understanding of the linguistic factors associated with deception in phishing email text and its impact on end-user susceptibility.
Details
Keywords
Marguerite DeLiema, Clifford A. Robb and Stephen Wendel
One of the insidious effects of government and business imposter scams is the potential erosion of trust among defrauded consumers. This study aims to assess the relationship…
Abstract
Purpose
One of the insidious effects of government and business imposter scams is the potential erosion of trust among defrauded consumers. This study aims to assess the relationship between prior imposter scam victimization and present ability to discriminate between real and fake digital communications from government agencies and retail companies.
Design/methodology/approach
This paper tests whether a short, interactive training can help consumers correctly identify imposter scams without mistrusting legitimate communications. Participants were randomized into one of two control groups or to one of two training conditions: written tips on identifying digital imposter scams, or an interactive fraud detection training program. Participants were tested on their ability to correctly label emails, websites and letters as real or a scam.
Findings
This paper find that prior imposter scam victimization is not associated with greater mistrust. Compared to the control conditions, both written tips and interactive digital fraud detection training improved identification of real communications and scams; however, after a two- to three-week delay, the effect of training decreases for scam detection.
Originality/value
Results indicate that prior imposter scam victimization is not associated with mistrust, and that one-time fraud detection training improves consumers’ detection of imposter scams but has limited long-term effectiveness.
Details
Keywords
This study aims to examine how advance fee fraud (AFF) scammers build their criminal expertise over time and why the AFF scamming deception process succeeds.
Abstract
Purpose
This study aims to examine how advance fee fraud (AFF) scammers build their criminal expertise over time and why the AFF scamming deception process succeeds.
Design/methodology/approach
This study is interpretive, based on case study interview data with two scammers operating in Africa. The interviews were done over a period of time, and the data collection and analysis processes were iterative, primarily driven by the interview data.
Findings
The authors identify four processes that explain how scammers build criminal expertise, namely, socializing with scammers, accepting scamming definitions, practicing scamming techniques and manipulating digital technologies. The fourth process (manipulating digital technologies) also explains why scammer’s tactics are successful.
Originality/value
AFF scamming is a major crime affecting individuals and organizations worldwide, yet it remains under researched as little is known about scammers, their expertise and why their deceptive techniques are successful. The first contribution identifies four processes by which individuals build scamming criminal expertise as they transition from scammers-in-the-making to full-blown active scammers. The second contribution identifies the rationalizations used by scammers-in-the-making and scammers to justify transitioning into scamming and engaging in scamming criminality. The third contribution explains how the digital environment contributes to the processes of building scamming criminal expertise and why scammer’s deceptive tactics are sometimes successful.
Details
Keywords
Nisha TN and Mugdha Shailendra Kulkarni
The purpose of the study is to confirm the fact that in informations security, the human factor was considered as a key carrier of the majority of attacks that an information…
Abstract
Purpose
The purpose of the study is to confirm the fact that in informations security, the human factor was considered as a key carrier of the majority of attacks that an information system faces. Banking and other financial services are always top among the most attractive targets for cyber attackers. Blind phishing or spear phishing is still one of the major contributors to all malicious activities in the e-banking sector. All the counter mechanisms, therefore, revolve around the concept of how security-aware the customers are. To fool these mechanisms, attacks are becoming smarter and are searching for methods where the human involvement is diminishing to zero. Zero click attacks are one big leap that attackers are taking that removes the requirement of human involvement in initiating attacks and are moving toward an era of unassisted attacks. Even though the standard procedure and protocols are built into the banking system, they fail to detect this attack resulting in significant losses.
Design/methodology/approach
This paper follows a conceptual review of the upcoming concept in security and its implication in e-banking sector. The methodology adopted in this paper uses review papers, articles and white papers to conclude a theoretical model. A detailed analysis of unassisted attacks is considered from 2010 onwards till 2022.
Findings
This research deliberates on the methodologies of zero click attacks and gives a detailed analysis of attack vectors and their exploits. This research also identifies the likely attacks on e-banking that these vulnerabilities can trigger.
Originality/value
The key contribution is toward the early detection of zero click attacks, suggesting countermeasure, reducing the likelihood of these attacks and the financial impact.
Details
Keywords
Ahmed Shehata and Metwaly Eldakar
Social engineering is crucial in today’s digital landscape. As technology advances, malicious individuals exploit human judgment and trust. This study explores how age, education…
Abstract
Purpose
Social engineering is crucial in today’s digital landscape. As technology advances, malicious individuals exploit human judgment and trust. This study explores how age, education and occupation affect individuals’ awareness, skills and perceptions of social engineering.
Design/methodology/approach
A quantitative research approach was used to survey a diverse demographic of Egyptian society. The survey was conducted in February 2023, and the participants were sourced from various Egyptian social media pages covering different topics. The collected data was analyzed using descriptive and inferential statistics, including independent samples t-test and ANOVA, to compare awareness and skills across different groups.
Findings
The study revealed that younger individuals and those with higher education tend to research social engineering more frequently. Males display a higher level of awareness but score lower in terms of social and psychological consequences as well as types of attacks when compared to females. The type of attack cannot be predicted based on age. Higher education is linked to greater awareness and ability to defend against attacks. Different occupations have varying levels of awareness, skills, and psychosocial consequences. The study emphasizes the importance of increasing awareness, education and implementing cybersecurity measures.
Originality/value
This study’s originality lies in its focus on diverse Egyptian demographics, innovative recruitment via social media, comprehensive exploration of variables, statistical rigor, practical insights for cybersecurity education and diversity in educational and occupational backgrounds.
Details
Keywords
Sharon Wilson, Nor Azlili Hassan, Kheng Kia Khor, Santhidran Sinnappan, Afi Roshezry Abu Bakar and Soon Aun Tan
Scams are indeed malicious attempts to influence people and can take many forms, including online scams. With the increasing availability of technology, scammers have more tools…
Abstract
Purpose
Scams are indeed malicious attempts to influence people and can take many forms, including online scams. With the increasing availability of technology, scammers have more tools at their disposal to create convincing and sophisticated communications that appear to come from legitimate sources, such as emails, text messages or social media posts. These scams can be designed to trick individuals into clicking on malicious links, downloading malware or ransomware or providing sensitive information such as login information, financial information or personal details. Scammers often use social engineering techniques to persuade their targets to take specific actions, such as creating a sense of urgency, offering a reward or prize or posing as a trusted authority. These tactics can be highly effective, particularly if the target is unaware of the warning signs of a scam or is unfamiliar with how to protect themselves from online fraud. This paper aims to explore the extent and nature of this problem and evokes the concern that the general public is vulnerable and susceptible to scams if they are not resilient and aware. This paper also explores why victims fall for online scams and uncovers preventive measures to enable a direction in tacitly strategizing ways to create more impactful and effective awareness campaigns.
Design/methodology/approach
This study explores these aspects through a holistic qualitative approach. Using in-depth interview techniques with six victims, six non-victims, four law enforcement officers, four scammers and seven stakeholders from various agencies such as banks, telecommunication agencies and the Malaysian Communications and Multimedia Commission involved in combating the issue of scams.
Findings
The findings generally revealed that participants who were victims of scams felt Malaysians were susceptible to scams, easily fooled and had a nonchalant attitude. Most participants also highlighted that public safety is important for ensuring a high quality of life for citizens that should work closely between the government and non-government agencies, including effective law enforcement and crime prevention strategies.
Originality/value
The uniqueness of this study is the feedback from scammers themselves and their input towards authority and victims. Overall, the respondents provide their views drawing strength from the ever-changing technological background as well as the susceptibility of security features and vulnerability of human engagement.
Details
Keywords
Shreya Sangal, Gaurav Duggal and Achint Nigam
The purpose of this research paper is to review and synthesize the role of blockchain technology (BCT) in various types of illegal activities, including but not limited to fraud…
Abstract
Purpose
The purpose of this research paper is to review and synthesize the role of blockchain technology (BCT) in various types of illegal activities, including but not limited to fraud, money laundering, ransomware attacks, firearms, drug tracking, cyberattacks, identity theft and scams.
Design/methodology/approach
The authors conducted a review of studies related to illegal activities using blockchain from 2015 to 2023. Next, a thematic review of the literature was performed to see how these illegal activities were conducted using BCT.
Findings
Through this study, the authors identify the relevant themes that highlight the major illegal activities performed using BCT, its possible steps for prevention and the opportunities for future developments. Finally, the authors provide suggestions for future research using the theory, context and method framework.
Originality/value
No other research has synthesized the illegal activities using BCT through a thematic approach to the best of the authors’ knowledge. Hence, this study will act as a starting point for future research for academic and technical practitioners in this area.
Details
Keywords
Spam emails classification using data mining and machine learning approaches has enticed the researchers' attention duo to its obvious positive impact in protecting internet…
Abstract
Spam emails classification using data mining and machine learning approaches has enticed the researchers' attention duo to its obvious positive impact in protecting internet users. Several features can be used for creating data mining and machine learning based spam classification models. Yet, spammers know that the longer they will use the same set of features for tricking email users the more probably the anti-spam parties might develop tools for combating this kind of annoying email messages. Spammers, so, adapt by continuously reforming the group of features utilized for composing spam emails. For that reason, even though traditional classification methods possess sound classification results, they were ineffective for lifelong classification of spam emails duo to the fact that they might be prone to the so-called “Concept Drift”. In the current study, an enhanced model is proposed for ensuring lifelong spam classification model. For the evaluation purposes, the overall performance of the suggested model is contrasted against various other stream mining classification techniques. The results proved the success of the suggested model as a lifelong spam emails classification method.
Details
Keywords
MFA involves requiring people to present more than one credential to authenticate themselves. These protocols reduce the risk and impact of credential theft, but also present…