Search results

1 – 10 of 380
Article
Publication date: 25 November 2013

Daejoong Kim and Jang Hyun Kim

Abstract

Purpose

The purpose of this paper is to provide an in-depth content analysis of phishing messages and to enhance understanding of them from a persuasive communication perspective.

Design/methodology/approach

This study analysed phishing message content in a persuasion mechanism framework including message presentation and content (rational appeal, emotional appeal, reasoning type). It also used semantic network analysis to identify meaning structure.

Findings

The results indicate that phishing messages used logical appeals, reasoning from cause, motivational appeals, appealing to safety needs, and emotional appeals to gain compliance. Semantic network analysis showed that two word clusters represent security and privacy.

Research limitations/implications

This study applied modern persuasion and deceptive communication theories to interpret phishing e-mails. The findings enhance relevant theories by including phishing e-mail cases.

Practical implications

The results of this study can be utilised for developing phishing prevention techniques and phishing detection software.

Originality/value

Past phishing detection studies only used a technological approach, whereas the current study provides a more comprehensive content-oriented and persuasion theory-based understanding of phishing messages.

Details

Online Information Review, vol. 37 no. 6
Type: Research Article
ISSN: 1468-4527

Article
Publication date: 2 October 2018

Alain Tambe Ebot

Abstract

Purpose

Phishing remains a major cybersecurity problem. Mainly adopting variance approaches, researchers have suggested several recommendations to help users avoid being victimized in phishing attacks. However, the evidence suggests that anti-phishing recommendations are not very effective. The purpose of this paper is threefold: first, to analyze why the existing anti-phishing recommendations may not be very effective; second, to propose stage theorizing as an additional approach for studying phishing that can contribute toward more effective recommendations; and third, to demonstrate using a stage theory, how IS researchers can utilize the concept of stages in phishing research.

Design/methodology/approach

The study draws on findings from previous empirical phishing research to assess whether the reasons why people are victimized in phishing attacks can be categorized into stages. The criteria for stages of the Transtheoretical Model (TTM) are used as an example.

Findings

Analysis indicates support for the existence of stages of phishing victims. The criteria for stages of the TTM were applied to the reasons that subjects in previous studies gave for clicking on phishing links and to the anti-phishing recommendations proposed in previous studies. There was overall support for four of the five criteria of the TTM. The results from the current study indicate that a targeted approach is a better approach to proposing anti-phishing recommendations.

Practical implications

The analysis identified the stages of phishing victims and the processes of change for each stage. It is suggested that recommendations against phishing should target individuals based on their resident stages. Moreover, the processes of change should be applied to the correct stage for the recommendations to be effective.

Originality/value

From a phishing perspective, there is a lack of research based on stage theorizing. The current study presents stage theorizing as an additional approach to the existing approaches and demonstrates how a stage theory can be used to make more effective recommendations against phishing. The study has thrown light on the benefits of stage theorizing and how its approach to targeted recommendations can be useful in IS security research.

Details

Information Technology & People, vol. 32 no. 4
Type: Research Article
ISSN: 0959-3845

Article
Publication date: 12 October 2015

André Lötter and Lynn Futcher

Abstract

Purpose

The purpose of this paper is to propose a framework to address the problem that email users are not well-informed or assisted by their email clients in identifying possible phishing attacks, thereby putting their personal information at risk. This paper therefore addresses the human weakness (i.e. the user’s lack of knowledge of phishing attacks which causes them to fall victim to such attacks) as well as the software related issue of email clients not visually assisting and guiding the users through the user interface.

Design/methodology/approach

A literature study was conducted in the main field of information security with a specific focus on understanding phishing attacks and a modelling technique was used to represent the proposed framework. This paper argues that the framework can be suitably implemented for email clients to raise awareness about phishing attacks. To validate the framework as a plausible mechanism, it was reviewed by a focus group within the School of Information and Communication Technology (ICT) at the Nelson Mandela Metropolitan University (NMMU). The focus group consisted of academics and research students in the field of information security.

Findings

This paper argues that email clients should make use of feedback mechanisms to present security related aspects to their users, so as to make them aware of the characteristics pertaining to phishing attacks. To support this argument, it presents a framework to assist email users in the identification of phishing attacks.

Research limitations/implications

Future research would yield interesting results if the proposed framework were implemented into an existing email client to determine the effect of the framework on the user’s level of awareness of phishing attacks. Furthermore, the list of characteristics could be expanded to include all phishing types (such as clone phishing, smishing, vishing and pharming). This would make the framework more dynamic in that it could then address all forms of phishing attacks.

Practical implications

The proposed framework could enable email clients to provide assistance through the user interface. Visibly relaying the security level to the users of the email client, and providing short descriptions as to why a certain email is considered suspicious, could result in raising the awareness of the average email user with regard to phishing attacks.

Originality/value

This research presents a framework that email clients can use to identify common forms of normal and spear phishing attacks. The proposed framework addresses the problem that the average Internet user lacks a baseline level of online security awareness. It argues that the email client is the ideal place to raise the awareness of users regarding phishing attacks.

Details

Information & Computer Security, vol. 23 no. 4
Type: Research Article
ISSN: 2056-4961

Article
Publication date: 23 January 2024

Shreya Sangal, Gaurav Duggal and Achint Nigam

Abstract

Purpose

The purpose of this research paper is to review and synthesize the role of blockchain technology (BCT) in various types of illegal activities, including but not limited to fraud, money laundering, ransomware attacks, firearms, drug tracking, cyberattacks, identity theft and scams.

Design/methodology/approach

The authors conducted a review of studies related to illegal activities using blockchain from 2015 to 2023. Next, a thematic review of the literature was performed to see how these illegal activities were conducted using BCT.

Findings

Through this study, the authors identify the relevant themes that highlight the major illegal activities performed using BCT, its possible steps for prevention and the opportunities for future developments. Finally, the authors provide suggestions for future research using the theory, context and method framework.

Originality/value

No other research has synthesized the illegal activities using BCT through a thematic approach to the best of the authors’ knowledge. Hence, this study will act as a starting point for future research for academic and technical practitioners in this area.

Details

Journal of Information, Communication and Ethics in Society, vol. 22 no. 1
Type: Research Article
ISSN: 1477-996X

Article
Publication date: 31 August 2022

Yi Yong Lee, Chin Lay Gan and Tze Wei Liew

Abstract

Purpose

The purpose of this paper is to understand the influence of exposure to motivated offenders who may alter the vulnerability levels to phishing victimization. This is particularly focused on explaining the influences of individuals’ online lifestyles and attitudes toward information sharing online on phishing susceptibility.

Design/methodology/approach

This conceptual paper explores the risk of phishing victimization using criminological theories. The authors draw on empirical evidence from existing cybercrime literature and revisit routine activities theory (RAT) and lifestyle RAT (LRAT) to elucidate the risk of phishing victimization. This paper proposes that cyber-RAT, which was developed from RAT and LRAT, could interpret phishing victimization. Grounded on the intervention-based theory against cybercrime phishing, this study suggests that an attitude toward precautionary behavior (information sharing online) is essential to mitigate the phishing victimization risk.

Findings

This paper aims to provide a clear insight into the understanding of phishing victimization risk using theoretical and empirical evidence.

Originality/value

The theoretical perspective outlined provides the understanding of the impacts of online routine activities on a phishing attack which in turn will increase the awareness of phishing threats. The important role of the precautionary countermeasure, that is, attitudes toward information sharing online is highlighted to reconcile the phishing victimization risk.

Details

The Journal of Adult Protection, vol. 24 no. 3/4
Type: Research Article
ISSN: 1466-8203

Open Access
Article
Publication date: 14 July 2021

Molly Cooper, Yair Levy, Ling Wang and Laurie Dringus

Abstract

Purpose

This study introduces the concept of audiovisual alerts and warnings as a way to reduce phishing susceptibility on mobile devices.

Design/methodology/approach

This study has three phases. The first phase included 32 subject matter experts that provided feedback toward a phishing alert and warning system. The second phase included development and a pilot study to validate a phishing alert and warning system prototype. The third phase included delivery of the Phishing Alert and Warning System (PAWS™ mobile app) to 205 participants. This study designed, developed, as well as empirically tested the PAWS™ mobile app that alerted and warned participants to the signs of phishing in emails on mobile devices.

Findings

The results of this study indicated audio alerts and visual warnings potentially lower phishing susceptibility in emails. Audiovisual warnings appeared to assist study participants in noticing phishing emails more easily and in less time than without audiovisual warnings.

Practical implications

This study's implications to mitigation of phishing emails are key, as it appears that alerts and warnings added to email applications may play a significant role in the reduction of phishing susceptibility.

Originality/value

This study extends the existing information security body of knowledge on phishing prevention and awareness by using audiovisual alerts and warnings to email recipients tested in real-life applications.

Details

Organizational Cybersecurity Journal: Practice, Process and People, vol. 1 no. 1
Type: Research Article
ISSN: 2635-0270

Article
Publication date: 10 October 2016

Melanie Volkamer, Karen Renaud and Paul Gerber

Abstract

Purpose

Phishing is still a very popular and effective security threat, and it takes, on average, more than a day to detect new phish websites. Protection by purely technical means is hampered by this vulnerability window. During this window, users need to act to protect themselves. To support users in doing so, the paper aims to propose to first make users aware of the need to consult the address bar. Moreover, the authors propose to prune the URL displayed in the address bar. The authors report on an evaluation of this proposal.

Design/methodology/approach

The paper opted for an online study with 411 participants, judging 16 websites – all with authentic design: half with legitimate and half with phish URLs. The authors applied four popular widely used types of URL manipulation techniques. The authors conducted a within-subject and between-subject study with participants randomly assigned to one of two groups (domain highlighting or pruning). The authors then tested both proposals using a repeated-measures multivariate analysis of variance.

Findings

The analysis shows a significant improvement in terms of phish detection after providing the hint to check the address bar. Furthermore, the analysis shows a significant improvement in terms of phish detection after the hint to check the address bar for uninitiated participants in the pruning group, as compared to those in the highlighting group.

Research limitations/implications

Because of the chosen research approach, the research results may lack generalisability. Therefore, researchers are encouraged to test the proposed propositions further.

Practical implications

This paper confirms the efficacy of URL pruning and of prompting users to consult the address bar for phish detection.

Originality/value

This paper introduces a classification for URL manipulation techniques used by phishers. We also provide evidence that drawing people’s attention to the address bar makes them more likely to spot phish websites, but does not impair their ability to identify authentic websites.

Details

Information & Computer Security, vol. 24 no. 4
Type: Research Article
ISSN: 2056-4961

Article
Publication date: 13 July 2015

Swapan Purkait

Abstract

Purpose

This paper aims to report on research that tests the effectiveness of anti-phishing tools in detecting phishing attacks by conducting some real-time experiments using freshly hosted phishing sites. Almost all modern-day Web browsers and antivirus programs provide security indicators to mitigate the widespread problem of phishing on the Internet.

Design/methodology/approach

The current work examines and evaluates the effectiveness of five popular Web browsers, two third-party phishing toolbar add-ons and seven popular antivirus programs in terms of their capability to detect locally hosted spoofed websites. The same tools have also been tested against fresh phishing sites hosted on the Internet.

Findings

The experiments yielded alarming results. Although the success rate against live phishing sites was encouraging, only 3 of the 14 tools tested could successfully detect a single spoofed website hosted locally.

Originality/value

This work proposes the inclusion of domain name system server authentication and verification of name servers for a visiting website for all future anti-phishing toolbars. It also proposes that a Web browser should maintain a white list of websites that engage in online monetary transactions so that when a user requires to access any of these, the default protocol should always be HTTPS (Hypertext Transfer Protocol Secure), without which a Web browser should prevent the page from loading.

Details

Information & Computer Security, vol. 23 no. 3
Type: Research Article
ISSN: 2056-4961

Article
Publication date: 7 November 2016

Mehdi Dadkhah, Shahaboddin Shamshirband and Ainuddin Wahid Abdul Wahab

Abstract

Purpose

This paper aims to present a hybrid approach based on classification algorithms that was capable of identifying different types of phishing pages. In this approach, after eliminating features that do not play an important role in identifying phishing attacks and also after adding the technique of searching page title in the search engine, the capability of identifying journal phishing and phishing pages embedded in legal sites was added to the presented approach in this paper.

Design/methodology/approach

The hybrid approach of this paper for identifying phishing web sites is presented. This approach consists of four basic sections. The action of identifying phishing web sites and journal phishing attacks is performed via selecting two classification algorithms separately. To identify phishing attacks embedded in legal web sites also the method of page title searching is used and then the result is returned. To facilitate identifying phishing pages the black list approach is used along with the proposed approach so that the operation of identifying phishing web sites can be performed more accurately, and, finally, by using a decision table, it is judged that the intended web site is phishing or legal.

Findings

In this paper, a hybrid approach based on classification algorithms to identify phishing web sites is presented that has the ability to identify a new type of phishing attack known as journal phishing. The presented approach considers the most used features and adds new features to identify these attacks and to eliminate unused features in the identifying process of these attacks, does not have the problems of previous techniques and can identify journal phishing too.

Originality/value

The major advantage of this technique was considering all of the possible and effective features in identifying phishing attacks and eliminating unused features of previous techniques; also, this technique in comparison with other similar techniques has the ability of identifying journal phishing attacks and phishing pages embedded in legal sites.

Details

The Electronic Library, vol. 34 no. 6
Type: Research Article
ISSN: 0264-0473

Article
Publication date: 18 October 2018

Kalyan Nagaraj, Biplab Bhattacharjee, Amulyashree Sridhar and Sharvani GS

Abstract

Purpose

Phishing is one of the major threats affecting businesses worldwide in current times. Organizations and customers face the hazards arising out of phishing attacks because of anonymous access to vulnerable details. Such attacks often result in substantial financial losses. Thus, there is a need for effective intrusion detection techniques to identify and possibly nullify the effects of phishing. Classifying phishing and non-phishing web content is a critical task in information security protocols, and foolproof mechanisms have yet to be implemented in practice. The purpose of the current study is to present an ensemble machine learning model for classifying phishing websites.

Design/methodology/approach

A publicly available data set comprising 10,068 instances of phishing and legitimate websites was used to build the classifier model. Feature extraction was performed by deploying a group of methods, and relevant features extracted were used for building the model. A twofold ensemble learner was developed by integrating results from random forest (RF) classifier, fed into a feedforward neural network (NN). Performance of the ensemble classifier was validated using k-fold cross-validation. The twofold ensemble learner was implemented as a user-friendly, interactive decision support system for classifying websites as phishing or legitimate ones.

Findings

Experimental simulations were performed to assess and compare the performance of the ensemble classifiers. The statistical tests estimated that RF_NN model gave superior performance with an accuracy of 93.41 per cent and minimal mean squared error of 0.000026.

Research limitations/implications

The research data set used in this study is publicly available and easy to analyze. Comparative analysis with other real-time data sets of recent origin must be performed to ensure generalization of the model against various security breaches. Different variants of phishing threats must be detected rather than focusing particularly toward phishing website detection.

Originality/value

The twofold ensemble model is not applied for classification of phishing websites in any previous studies as per the knowledge of authors.

Details

Journal of Systems and Information Technology, vol. 20 no. 3
Type: Research Article
ISSN: 1328-7265
