Alerting Users About Phishing Attacks

2019 ◽  
pp. 134-148 ◽  
Author(s):  
Giuseppe Desolda ◽  
Francesco Di Nocera ◽  
Lauren Ferro ◽  
Rosa Lanzilotti ◽  
Piero Maggi ◽  
...  
Keyword(s):  
Phishing Attacks

scholarly journals Phishing for Long Tails: Examining Organizational Repeat Clickers and Protective Stewards

SAGE Open ◽  
2021 ◽  
Vol 11 (1) ◽  
pp. 215824402199065
Author(s):  
Matthew Canham ◽  
Clay Posey ◽  
Delainey Strickland ◽  
Michael Constantino
Keyword(s):  
Research Effort ◽  
Time Frame ◽  
Future Research ◽  
Negative Behaviors ◽  
Computer Abuse ◽  
Positive Behaviors ◽  
Phishing Attacks ◽  
Long Tails ◽  
Motivated Behaviors ◽  
External Actors

Organizational cybersecurity efforts depend largely on the employees who reside within organizational walls. These individuals are central to the effectiveness of organizational actions to protect sensitive assets, and research has shown that they can be detrimental (e.g., sabotage and computer abuse) as well as beneficial (e.g., protective motivated behaviors) to their organizations. One major context where employees affect their organizations is phishing via email systems, which is a common attack vector used by external actors to penetrate organizational networks, steal employee credentials, and create other forms of harm. In analyzing the behavior of more than 6,000 employees at a large university in the Southeast United States during 20 mock phishing campaigns over a 19-month period, this research effort makes several contributions. First, employees’ negative behaviors like clicking links and then entering data are evaluated alongside the positive behaviors of reporting the suspected phishing attempts to the proper organizational representatives. The analysis displays evidence of both repeat clicker and repeat reporter phenomena and their frequency and Pareto distributions across the study time frame. Second, we find that employees can be categorized according to one of the four unique clusters with respect to their behavioral responses to phishing attacks—“Gaffes,” “Beacons,” “Spectators,” and “Gushers.” While each of the clusters exhibits some level of phishing failures and reports, significant variation exists among the employee classifications. Our findings are helpful in driving a new and more holistic stream of research in the realm of all forms of employee responses to phishing attacks, and we provide avenues for such future research.

SpoofCatch: A Client-Side Protection Tool Against Phishing Attacks

2021 ◽  
Vol 23 (2) ◽  
pp. 65-74
Author(s):  
Wilayat Khan ◽  
Aakash Ahmad ◽  
Aamir Qamar ◽  
Muhammad Kamran ◽  
Muhammad Altaf
Keyword(s):  
Phishing Attacks ◽  
Client Side

scholarly journals Securing Online Bank Transactions from Phishing Attacks using MFA and Secure Session Key

2015 ◽  
Vol 8 (S2) ◽  
pp. 123 ◽  
Author(s):  
S. Manasa ◽  
P. Mullaimalar ◽  
G. B. Gnanaprakash Singh ◽  
S. S. Manivannan
Keyword(s):  
Session Key ◽  
Phishing Attacks ◽  
Online Bank

scholarly journals Persuading end users to act cautiously online: a fear appeals study on phishing

2018 ◽  
Vol 26 (3) ◽  
pp. 264-276 ◽  
Author(s):  
Jurjen Jansen ◽  
Paul van Schaik
Keyword(s):  
Information Sharing ◽  
Fear Appeals ◽  
Future Research ◽  
Protection Motivation ◽  
Online Information ◽  
Fear Appeal ◽  
Content Type ◽  
Phishing Attacks ◽  
Internet Users ◽  
Post Test

Purpose The purpose of this paper is to test the protection motivation theory (PMT) in the context of fear appeal interventions to reduce the threat of phishing attacks. In addition, it was tested to what extent the model relations are equivalent across fear appeal conditions and across time. Design/methodology/approach A pre-test post-test design was used. In the pre-test, 1,201 internet users filled out an online survey and were presented with one of three fear appeal conditions: strong fear appeal, weak fear appeal and control condition. Arguments regarding vulnerability of phishing attacks and response efficacy of vigilant online information-sharing behaviour were manipulated in the fear appeals. In the post-test, data were collected from 786 internet users and analysed with partial least squares path modelling. Findings The study found that PMT model relations hold in the domain of phishing. Self-efficacy and fear were the most important predictors of protection motivation. In general, the model results were equivalent across conditions and across time. Practical Implications It is important to consider online information-sharing behaviour because it facilitates the occurrence and success of phishing attacks. The results give practitioners more insight into important factors to address in the design of preventative measures to reduce the success of phishing attacks. Future research is needed to test how fear appeals work in real-world settings and over longer periods. Originality/value This paper is a substantial adaptation of a previous conference paper (Jansen and Van Schaik, 2017a, b).

Design and evaluation of the highly insidious extreme phishing attacks

2017 ◽  
Vol 70 ◽  
pp. 634-647 ◽  
Author(s):  
Rui Zhao ◽  
Samantha John ◽  
Stacy Karas ◽  
Cara Bussell ◽  
Jennifer Roberts ◽  
...  
Keyword(s):  
Phishing Attacks
Sign in / Sign up

Export Citation Format

Share Document