How Experts Detect Phishing Scam Emails

被引：19

作者：

Wash R. ^{[1
]}

机构：

[1] Michigan State University, Media and Information, East Lansing, MI

来源：

Proceedings of the ACM on Human-Computer Interaction | 2020年 / 4卷 / CSCW2期

基金：

美国国家科学基金会;

关键词：

email; phishing; security;

D O I：

10.1145/3415231

中图分类号：

学科分类号：

摘要：

Phishing scam emails are emails that pretend to be something they are not in order to get the recipient of the email to undertake some action they normally would not. While technical protections against phishing reduce the number of phishing emails received, they are not perfect and phishing remains one of the largest sources of security risk in technology and communication systems. To better understand the cognitive process that end users can use to identify phishing messages, I interviewed 21 IT experts about instances where they successfully identified emails as phishing in their own inboxes. IT experts naturally follow a three-stage process for identifying phishing emails. In the first stage, the email recipient tries to make sense of the email, and understand how it relates to other things in their life. As they do this, they notice discrepancies: little things that are "off'' about the email. As the recipient notices more discrepancies, they feel a need for an alternative explanation for the email. At some point, some feature of the email-usually, the presence of a link requesting an action-triggers them to recognize that phishing is a possible alternative explanation. At this point, they become suspicious (stage two) and investigate the email by looking for technical details that can conclusively identify the email as phishing. Once they find such information, then they move to stage three and deal with the email by deleting it or reporting it. I discuss ways this process can fail, and implications for improving training of end users about phishing. © 2020 Owner/Author.

引用

共 54 条

[1] Almomani A., Gupta B.B., Atawneh S., Meulenberg A., Almomani E., A survey of phishing email filtering techniques, IEEE Communications Surveys & Tutorials, 15, 4, pp. 2070-2090, (2013)
[2] Anand A., Gorde K., Moniz J.R.A., Park N., Chakraborty T., Chu B.-T., Phishing URL detection with oversampling based on text generative adversarial networks, 2018 IEEE International Conference on Big Data (Big Data). IEEE, pp. 1168-1177, (2018)
[3] Arachchilage N.A.G., Love S., A game design framework for avoiding phishing attacks, Computers in Human Behavior, 29, 3, pp. 706-714, (2013)
[4] Bahnsen A.C., Bohorquez E.C., Villegas S., Vargas J., Gonzalez F.A., Classifying phishing URLs using recurrent neural networks, 2017 APWG Symposium on Electronic Crime Research (ECrime), pp. 1-8, (2017)
[5] Benenson Z., Gassmann F., Landwirth R., Unpacking spear phishing susceptibility, FC 2017: Financial Cryptography and Data Security., pp. 610-627, (2017)
[6] Blythe M., Petrie H., Clark J.A., F for fake: Four studies on how we fall for phish, CHI '11: Proceedings of the SIGCHI Conference on Human Factors in Computing Systems, pp. 3469-3478, (2011)
[7] Caputo D.D., Pfleeger S.L., Freeman J.D., Johnson M.E., Going spear phishing: Exploring embedded training and awareness, Security & Privacy, IEEE, 12, 1, pp. 28-38, (2014)
[8] Cialdini R., Influence: The Psychology of Persuasion (Revised Ed.), (2009)
[9] Conzola V.C., Wogalter M.S., A Communication-Human Information Processing (C-HIP) approach to warning effectiveness in the workplace, Journal of Risk Research, 4, 4, pp. 309-322, (2001)
[10] Cowan D.A., Developing a process model of problem recognition, Academy of Management Review, 11, 4, pp. 763-776, (1986)

← 1 2 3 4 5 6 →