The Infona portal uses cookies, i.e. strings of text saved by a browser on the user's device. The portal can access those files and use them to remember the user's data, such as their chosen settings (screen view, interface language, etc.), or their login data. By using the Infona portal the user accepts automatic saving and using this information for portal operation purposes. More information on the subject can be found in the Privacy Policy and Terms of Service. By closing this window the user confirms that they have read the information on cookie usage, and they accept the privacy policy and the way cookies are used by the portal. You can change the cookie settings in your browser.
With the variety of applications in mobile devices, such devices are no longer deemed calling gadgets merely. Various applications are used to browse the Internet, thus access financial data, and store sensitive personal information. In consequence, mobile devices are exposed to several types of attacks. Specifically, phishing attacks can easily take advantage of the limited or lack of security and...
The timeliness of phishing incident response is hindered by the need for human verification of whether suspicious URLs are actually phishing sites. This paper presents a method for automating the determination, and demonstrates the effectiveness of this method in reducing the number of suspicious URLs that need human review through a method of comparing new URLs and their associated Web content with...
The Internet is consisting of autonomous systems each managed by individual and rival organizations, which makes it very difficult to capture as a whole. Internet situation awareness can be accomplished by creating a common basis for private and public operators to monitor their networks. Thus, an overlay monitoring layer is needed, which can be utilized to address a very important aspect for a more...
Researchers are increasingly turning to live, dasiain the wildpsila phishing studies of users, who unknowingly participate without giving informed consent. Such studies can expose researchers to a number of unique, and fairly significant legal risks. This paper will present four case studies highlighting the steps that researchers have taken to avoid legal problems, and to highlight the legal risks...
We study the evolution of phishing email messages in a corpus of over 380,000 phishing messages collected from August 2006 to December 2007. Our first result is a classification of phishing messages into two groups: flash attacks and non-flash attacks. Phishing message producers try to extend the usefulness of a phishing message by reusing the same message. In some cases this is done by sending a...
Prior laboratory studies have shown that PhishGuru, an embedded training system, is an effective way to teach users to identify phishing scams. PhishGuru users are sent simulated phishing attacks and trained after they fall for the attacks. In this current study, we extend the PhishGuru methodology to train users about spear phishing and test it in a real world setting with employees of a Portuguese...
The vulnerability of home routers has been widely discussed, but there has been significant skepticism in many quarters about the viability of using them to perform damaging attacks. Others have argued that traditional malware prevention technologies will function for routers. In this paper we show how easily and effectively a home router can be repurposed to perform a mid-stream script injection...
A key way in which banks mitigate the effects of phishing is to have fraudulent websites removed or abusive domain names suspended. This dasiatake-downpsila is often subcontracted to specialist companies. We analyse six months of dasiafeedspsila of phishing Website URLs from multiple sources, including two such companies. We demonstrate that in each case huge numbers of Websites may be known to others,...
The following topics are dealt with: electronic crime; phishing detection; Internet situation awareness; home-router mid-stream injection attacks; Bayesian additive regression trees; and phishing Web site identification.
Set the date range to filter the displayed results. You can set a starting date, ending date or both. You can enter the dates manually or choose them from the calendar.