Phishing: An economic analysis of cybercrime perpetrators

被引：17

作者：

Konradt, Christian ^{[1
]}

Schilling, Andreas ^{[2
]}

Werners, Brigitte ^{[2
]}

机构：

[1] Univ Munster, European Res Ctr Informat Syst, Informat Syst & Supply Chain Management, Leonardo Campus 3, D-48149 Munster, Germany

[2] Ruhr Univ Bochum, Fac Econ & Management, Univ Str 150, D-44780 Bochum, Germany

来源：

COMPUTERS & SECURITY | 2016年 / 58卷

关键词：

Cybercrime; Economic analysis; Information security; Phishing; Simulation; @Risk; SECURITY; CRIME;

D O I：

10.1016/j.cose.2015.12.001

中图分类号：

TP [自动化技术、计算机技术];

学科分类号：

0812 ;

摘要：

Cybercrime, one of the most important security topics, will continue to emerge as a more critical security threat within the next years. Among the different attacks, phishing is of special interest because of its negative impact for the economy. In this paper, we develop a simulation study based on the work of Fultz and Grossklags. To extend their analysis of cybercrime by an economic view, we customized their model and used it as basis for our analysis. Based on the data from recent literature, our assessment gives insights into the perpetrator's behavior and allows us to quantify the effectiveness of countermeasures. Due to the fact that mainly risk-seeking persons are responsible for these attacks, countermeasures aiming at increasing the penalties are not very effective. We discovered that better control of dark markets to prevent the trading of stolen data has a much higher impact. In general, results of our simulation can be used to analyze the perpetrator's economic motives and to establish a basis for effective countermeasures. (C) 2016 Elsevier Ltd. All rights reserved.

引用

页码：39 / 46

页数：8

共 31 条

[21]

McMillan R, 2011, US PHISHER WHO HIT 3

[22]

Metropolitan Police Service, 2013, 8 CONV PHISH ATT

[23] The Economics of Online Crime [J].