An Analysis of Social Engineering Principles in Effective Phishing

Ferreira, Ana; LENZINI, Gabriele

Demander un accès

Communication publiée dans un ouvrage (Colloques, congrès, conférences scientifiques et actes)

An Analysis of Social Engineering Principles in Effective Phishing

Ferreira, Ana; LENZINI, Gabriele

2015 • In Proc. of the 5th International Workshop on Socio-Technical Security and Trust

Peer reviewed

Permalien
https://hdl.handle.net/10993/21781

Documents (1)Envoyer vers Détails Statistiques Bibliographie Publications similaires

Documents

Texte intégral

stast2015.pdf

Preprint Auteur (202.03 kB)

Demander un accès

Tous les documents dans ORBilu sont protégés par une licence d'utilisation.

Envoyer vers

RIS BibTex APA Chicago Permalink X Linkedin

Détails

Mots-clés :

Phishing; Social Engineering; Socio-Technical Security

Centre de recherche :

SnT

Disciplines :

Sciences informatiques

Auteur, co-auteur :

Ferreira, Ana

LENZINI, Gabriele ; University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT)

Co-auteurs externes :

yes

Langue du document :

Anglais

Titre :

An Analysis of Social Engineering Principles in Effective Phishing

Date de publication/diffusion :

2015

Nom de la manifestation :

Socio-Technical Aspects in Security and Trust

Organisateur de la manifestation :

Univ. Verona

Lieu de la manifestation :

Verona, Italie

Date de la manifestation :

13-07-2015

Manifestation à portée :

International

Titre de l'ouvrage principal :

Proc. of the 5th International Workshop on Socio-Technical Security and Trust

Maison d'édition :

CSP

Peer reviewed :

Peer reviewed

Projet FnR :

FNR1183245 - Socio-technical Analysis Of Security And Trust, 2011 (01/05/2012-30/04/2015) - Peter Y. A. Ryan

Organisme subsidiant :

FNR - Fonds National de la Recherche

Disponible sur ORBilu :

depuis le 17 août 2015

Statistiques

Nombre de vues

319 (dont 9 Unilu)

Nombre de téléchargements

4 (dont 2 Unilu)

Voir plus de statistiques

citations Scopus^®

citations Scopus^®
sans auto-citations

Bibliographie

M. Labs, "Threats report," McAfee, Tech. Rep., 2014.
J. Hong, "The state of phishing attacks," Commun. ACM, vol. 55, no. 1, pp. 74-81, Jan. 2012.
M. Boodaei. (2011, January) Mobile users three times more vulnerable to phishing attacks. Trusteer. Accessed March 2015.
"European Union anti-Phishing Initiative-France Chapter, 1st Semester Report," LEXSI, Tech. Rep., 2015.
T. N. Jagatic, N. A. Johnson, M. Jakobsson, F. Menczer, "Social Phishing," Comm. of the ACM, vol. 10, no. 50, pp. 94-100, 2007.
B. Harrison, A. Vishwanath, N. Jie, R. Ragov, "Examining the impact of presence on individual phishing victimization." in Hawaii International Conference on System Sciences., 2015.
E. Bursztein, B. Benko, D. Margolis, T. Pietraszek, A. Archer, A. Aquino, A. Pitsillidis, S. Savage, "Handcrafted fraud and extortion: Manual account hijacking in the wild," in Proc. of 2014 Conf. on Internet Measurement Conference (IMC '14). New York, NY, USA: ACM, 2014, pp. 347-358.
R. B. Cialdini, Influence: The Psychology of Persuasion (Revision Edition). Harper Business, 2007.
D. Gragg, "A Multi-Level Defense Against Social Engineering," SANS Institute-InfoSec Reading Room, Tech. Rep., 2003.
F. Stajano and P. Wilson, "Understanding Scam Victims: Seven Principles for Systems Security," Commun. ACM, vol. 54, no. 3, pp. 70-75, Mar. 2011.
N. Akbar, "Analysing Persuasion Principles in Phishing Emails," Ph.D. dissertation, Master Thesis, University of Twente, The Netherlands, October 2014.
A. Ferreira, L. Coventry, G. Lenzini, "Principles of persuasion in social engineering and their use in phishing." in 17th Int. Conf. on Human Computer Interaction., 2015, p. (in press).
J. Dutton. (2015, February) The psychology behind why we fall for phishing scams. IT Governance Blog. Accessed March 2015.
M. Lombard, T. B. Ditton, M. E. Grabe, R. D. Reich, "The role of screen size in viewer responses to television fare," Communication Reports, vol. 10, no. 1, pp. 95-106, 1997.
A. Sundar, S. Oeldorf-Hirsch and A. Garga, "A cognitive-heuristics approach to understanding presence in virtual environments," Presence, vol. 219, no. 228, 2008.
H. Holm, W. Flores, G. Ericsson, "Cyber security for a smart grid-what about phishing?" in Innovative Smart Grid Technologies Europe (ISGT EUROPE), 2013 4th IEEE/PES, Oct 2013, pp. 1-5.
Q. Ma, "The process and characteristics of phishing attacks: A small international trading company case study," Journal of Technology Research, vol. 4, p. 1, 2013.
M. Jakobsson, "The human factor in phishing," in Privacy and Security of Consumer Information '07, 2007.
A. Vishwanath, T. Herath, R. Chen, J. Wang, H. R. Rao, "Why do people get phished? testing individual differences in phishing vulnerability within an integrated, information processing model," Decision Support Systems, vol. 51, no. 3, pp. 576-586, 2011.
K. Mitnick and W. Simon, the Art of Deception. Wiley Publishing Inc., 2002.
D. Danchev. (2009, March) Can you teach an old employee new phishing protection tricks? Intrepidus Group. Accessed March 2015.
R. Dhamija, J. D. Tygar, M. Hearst, "Why phishing works," in Proceedings of the SIGCHI Conference on Human Factors in Computing Systems, ser. CHI '06. New York, NY, USA: ACM, 2006, pp. 581-590.
W. S. Labs, "New phishing research: 5 most dangerous email subjects, top 10 hosting countries." Websense, Tech. Rep., 2013.
S. J. Martin, N. Goldstein, R. B. Cialdini, The Small BIG: Small Changes that Spark Big Influence. Grand Central Publishing, 2014.