Bridget Khursheed
Microtargeting or Microphishing? Phishing Unveiled
Khursheed, Bridget; Pitropakis, Nick; McKeown, Sean; Lambrinoudakis, Costas
Authors
Dr Nick Pitropakis N.Pitropakis@napier.ac.uk
Associate Professor
Dr Sean McKeown S.McKeown@napier.ac.uk
Lecturer
Costas Lambrinoudakis
Abstract
Online advertisements delivered via social media platforms function in a similar way to phishing emails. In recent years there has been a growing awareness that political advertisements are being microtargeted and tailored to specific demographics, which is analogous to many social engineering attacks. This has led to calls for total bans on this kind of focused political advertising. Additionally, there is evidence that phishing may be entering a more developed phase using software known as Phishing as a Service to collect information on phishing or social engineering, potentially facilitating microphishing campaigns. To help understand such campaigns, a set of well-defined metrics can be borrowed from the field of digital marketing, providing novel insights which inform phishing email analysis. Our work examines in what ways digital marketing is analogous to phishing and how digital marketing metric techniques can be used to complement existing phishing email analysis. We analyse phishing email datasets collected by the University of Houston in comparison with Corporate junk email and microtargeting Facebook Ad Library datasets, thus comparing these approaches and their results using Weka, URL mismatch and visual metrics analysis. Our evaluation of the results demonstrates that phishing emails can be joined up in unexpected ways which are not revealed using traditional phishing filters. However such microphishing may have the potential to gather, store and analyse social engineering information to be used against a target at a later date in a similar way to microtargeting.
Citation
Khursheed, B., Pitropakis, N., McKeown, S., & Lambrinoudakis, C. (2020). Microtargeting or Microphishing? Phishing Unveiled. In Trust, Privacy and Security in Digital Business (89-105). https://doi.org/10.1007/978-3-030-58986-8_7
Conference Name | The 17th International Conference on Trust, Privacy and Security in Digital Business - TrustBus2020 |
---|---|
Conference Location | Bratislava, Slovakia |
Start Date | Sep 14, 2020 |
End Date | Sep 17, 2020 |
Acceptance Date | Jun 2, 2020 |
Online Publication Date | Sep 14, 2020 |
Publication Date | 2020 |
Deposit Date | Sep 16, 2020 |
Publicly Available Date | Sep 15, 2021 |
Publisher | Springer |
Pages | 89-105 |
Series Title | Lecture Notes in Computer Science |
Series Number | 12395 |
Series ISSN | 0302-9743 |
Book Title | Trust, Privacy and Security in Digital Business |
ISBN | 978-3-030-58985-1 |
DOI | https://doi.org/10.1007/978-3-030-58986-8_7 |
Public URL | http://researchrepository.napier.ac.uk/Output/2651090 |
Related Public URLs | http://www.dexa.org/acceptedPapers#trustbus |
Files
Microtargeting Or Microphishing? Phishing Unveiled (accepted version)
(651 Kb)
PDF
You might also like
Rapidrift: Elementary Techniques to Improve Machine Learning-Based Malware Detection
(2023)
Journal Article
Progressive Web Apps to Support (Critical) Systems in Low or No Connectivity Areas
(2023)
Conference Proceeding
Forensic Investigation Using RAM Analysis on the Hadoop Distributed File System
(2023)
Conference Proceeding
Downloadable Citations
About Edinburgh Napier Research Repository
Administrator e-mail: repository@napier.ac.uk
This application uses the following open-source libraries:
SheetJS Community Edition
Apache License Version 2.0 (http://www.apache.org/licenses/)
PDF.js
Apache License Version 2.0 (http://www.apache.org/licenses/)
Font Awesome
SIL OFL 1.1 (http://scripts.sil.org/OFL)
MIT License (http://opensource.org/licenses/mit-license.html)
CC BY 3.0 ( http://creativecommons.org/licenses/by/3.0/)
Powered by Worktribe © 2024
Advanced Search