Experimental Investigation of Technical and Human Factors Related to Phishing Susceptibility

This article reports on a simulated phishing experiment targeting 6,938 faculty and staff at George Mason University. The three-week phishing campaign employed three types of phishing exploits and examined demographic, linked workstation/network monitoring audit data, and a variety of behavioral and psychological factors measured via pre- and post-campaign surveys. While earlier research studies have reported disparate effects of gender and age, the present results suggest that these effects are not significant or are of limited strength and that other underlying factors may be more important. Specifically, significant differences in phishing susceptibility were obtained for different email contexts and based on whether individuals have been successfully phished before (these people were more likely to succumb to subsequent phishing emails in our study). Further, participants who responded to phishing exploits scored higher on impulsivity than the non-clickers. Also, participants whose survey responses indicated that they had more appropriate online “security hygiene habits,” such as checking the legitimacy of links, were less likely to be successfully phished in our campaign. Participants whose post-campaign survey responses indicated that they were suspicious of a phishing email message in our campaign were far less likely to click on the phishing link than those who were not suspicious. Similar results were obtained for judgments of pertinence of the email. Participants who indicated that they thought about the negative consequences of clicking the link were less likely to do so than participants who did not think about the negative consequences. Implications for effective training and awareness are discussed.

Multi-Language Spam/Phishing Classification by Email Body Text: Toward Automated Security Incident Investigation

Spamming and phishing are two types of emailing that are annoying and unwanted, differing by the potential threat and impact to the user. Automated classification of these categories can increase the users’ awareness as well as to be used for incident investigation prioritization or automated fact gathering. However, currently there are no scientific papers focusing on email classification concerning these two categories of spam and phishing emails. Therefore this paper presents a solution, based on email message body text automated classification into spam and phishing emails. We apply the proposed solution for email classification, written in three languages: English, Russian, and Lithuanian. As most public email datasets almost exclusively collect English emails, we investigate the suitability of automated dataset translation to adapt it to email classification, written in other languages. Experiments on public dataset usage limitations for a specific organization are executed in this paper to evaluate the need of dataset updates for more accurate classification results.

Implementation and Follow up Experience of an E-consult Program in a Rural Neurology Setting

Objective:The demand for neurology services at Geisinger exceeds the current clinical capacity. Therefore, we implemented and assessed the utility of Ask-a-Doc (AAD) which is an EMR-based interface developed at Geisinger to facilitate communication between primary care physicians (PCP) and specialists.Methods:AAD was employed at the end of 2015 in our department. Based on the clinical picture, the PCP assesses whether to send an urgent AAD question with a phone request, or a more elective question that can be answered by email message. The AAD message is then relayed to the on-call neurologist. We analyzed 4-year longitudinal data to assess for the efficacy of this tool in our department in improving patient care and communication.Results:There were a total of 3190 messages during this period. 2927 (91.7%) were completed and routed correctly, 263(8.3%) messages had errors including routing issues, communication mismatch, and delayed time frame. The average specialist turnaround time was 5 hours. During this period the number of AAD messages increased by 300% as PCPs and neurologists became more comfortable with the process.Conclusions:AAD provides an interface between PCP and neurology specialists and can assist in determining if a patient needs to be seen urgently in the clinic, the correct subspecialty, and prerequisite diagnostic tests. AAD was successfully implemented and utilized in our rural neurology setting, with rapid turnaround, increased usage and accuracy.

Protecting a whale in a sea of phish

Whaling is one of the most financially damaging, well-known, effective cyberattacks employed by sophisticated cybercriminals. Although whaling largely consists of sending a simplistic email message to a whale (i.e. a high-value target in an organization), it can result in large payoffs for cybercriminals, in terms of money or data stolen from organizations. While a legitimate cybersecurity threat, little information security research has directed attention toward whaling. In this study, we begin to provide an initial understanding of what makes whaling such a pernicious problem for organizations, executives, or celebrities (e.g. whales), and those charged with protecting them. We do this by defining whaling, delineating it from general phishing and spear phishing, presenting real-world cases of whaling, and provide guidance on future information security research on whaling. We find that whaling is far more complex than general phishing and spear phishing, spans multiple domains (e.g. work and personal), and potentially results in spillover effects that ripple across the organization. We conclude with a discussion of promising future directions for whaling and information security research.

Heuristic based malicious URL detection

Phishing is one of the most potentially disruptive actions that can be performed on the Internet. Intellectual property and other pertinent business information could potentially be at risk if a user falls for a phishing attack . The adversary sends an email with a link to a fraudulent site to lure consumers into divulging their confidential information. One of the main goal of this research is to detect phishing attempts via email. The algorithm in the previous work analyses the body text in an email to detect whether the email message asks the user to do some action such as clicking on the link that directs the user to a fraudulent website. This work expanded the text analysis portion of that algorithm, which performed poorly in catching phishing emails. The original algorithm has considerably have a lower result in filtering out malicious email as compared to modified algorithm.To address the False Positive problem, a statistical approach was adopted and the method ameliorated the False Positive Rate while minimizing the decrease in the phishing detection accuracy.

Effect of Using an Exercise and Nutrition Secure Email Message on the Implementation of Health Promotion in a Large Health Care System

Background and Program: Secure email messaging is used to provide timely communication between healthcare providers and patients with medical information and education. There have been increasing rates of overweight and obesity among military healthcare patients. To address this issue, we utilized a secure email messaging system that is primarily used for medication refills. This commentary demonstrates the extent to which the message was viewed and how much the message was liked. Preliminary Results: Of the 16,020 individuals emailed, 7,011 participants (43.8%) opened the email, and 1,023 patients (14.6% of those who opened it) completed the survey. Satisfaction rate for the health promotion message was 77.2%. Participants reported an intent to eat more fruit and vegetables (49.6%), decrease portion sizes (38.8%), and increase physical activity (51.1%), while 33.6% reported having no intent to change. Conclusion: The majority were satisfied with the health promotion message. This email method enables a single provider to have increased contact with patients. It is unknown if this message reached higher risk or harder to reach participants, a patient subset that could benefit most from this type of communication. This study is unique in that to our knowledge it is the first one to use secure email messaging in the military healthcare system for health promotion.

SURVEY ON DESIGN OF PATIENT BLOOD PRESSURE MONITORING SYSTEM USING SECURE IOT

Blood Pressure Monitoring using sensor and cloud technology, Personal biological readings such as blood pressure are collected by sensor networks device from patients at homes and will be transmitted to cloud and get treated accordingly. It is very important that privacy of patient’s medical condition is protected while data are being transmitted over the public network as well as when they are stored in servers. In this paper, a unique Cryptography technique has been used, Cryptography allows privacy of data that is transmitted. This will ensure that it is implemented for small foot print using IOT for secure data transmission. While data is transmitting to cloud Doctor will get email/message notification and Doctor can also view the Patient Blood Pressure Record stored in cloud.

Enhancing Security at Email End Point

Although email security needs more attention, a small amount of research has been conducted. Most of the security properties that can be applied to the email messages are based on encryption and digital signatures. The cryptography techniques that can be both symmetric and asymmetric algorithms cannot prove the identity of the sender and receiver in the real world, which is related to the end point security. Additionally, these techniques are not capable of preventing the spams, scams, and spoofing attacks. A new secure email system based on fingerprint identification is proposed to overcome the recognition of the real identity of the email sender and receiver. This method uses the user’s username and password hashes, their full name and personal image, and fingerprint hashes along with the email message hash. The proposed method is successfully evaluated against security, maintenance, operational, and privacy issues.

How the FLOSS Research Community Uses Email Archives

Artifacts of the software development process, such as source code or emails between developers, are a frequent object of study in empirical software engineering literature. One of the hallmarks of free, libre, and open source software (FLOSS) projects is that the artifacts of the development process are publicly-accessible and therefore easily collected and studied. Thus, there is a long history in the FLOSS research community of using these artifacts to gain understanding about the phenomenon of open source software, which could then be compared to studies of software engineering more generally. This paper looks specifically at how the FLOSS research community has used email artifacts from free and open source projects. It provides a classification of the relevant literature using a publicly-available online repository of papers about FLOSS development using email. The outcome of this paper is to provide a broad overview for the software engineering and FLOSS research communities of how other researchers have used FLOSS email message artifacts in their work.