An Analysis of Social Engineering Principles in Effective Phishing

Ferreira, Ana; Lenzini, Gabriele

Request a copy

Paper published in a book (Scientific congresses, symposiums and conference proceedings)

An Analysis of Social Engineering Principles in Effective Phishing

Ferreira, Ana; Lenzini, Gabriele

2015 • In Proc. of the 5th International Workshop on Socio-Technical Security and Trust

Peer reviewed

Permalink
https://hdl.handle.net/10993/21781

Files (1)Send to Details Statistics Bibliography Similar publications

Files

Full Text

stast2015.pdf

Author preprint (202.03 kB)

Request a copy

All documents in ORBilu are protected by a user license.

Send to

RIS BibTex APA Chicago Permalink X Linkedin

Details

Keywords :

Phishing; Social Engineering; Socio-Technical Security

Research center :

SnT

Disciplines :

Computer science

Author, co-author :

Ferreira, Ana

Lenzini, Gabriele ; University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT)

External co-authors :

yes

Language :

English

Title :

An Analysis of Social Engineering Principles in Effective Phishing

Publication date :

2015

Event name :

Socio-Technical Aspects in Security and Trust

Event organizer :

Univ. Verona

Event place :

Verona, Italy

Event date :

13-07-2015

Audience :

International

Main work title :

Proc. of the 5th International Workshop on Socio-Technical Security and Trust

Publisher :

CSP

Peer reviewed :

Peer reviewed

FnR Project :

FNR1183245 - Socio-technical Analysis Of Security And Trust, 2011 (01/05/2012-30/04/2015) - Peter Y. A. Ryan

Funders :

FNR - Fonds National de la Recherche [LU]

Available on ORBilu :

since 17 August 2015

Statistics

Number of views

237 (8 by Unilu)

Number of downloads

4 (2 by Unilu)

More statistics

Scopus citations^®

Scopus citations^®
without self-citations

Bibliography

M. Labs, "Threats report," McAfee, Tech. Rep., 2014.
J. Hong, "The state of phishing attacks," Commun. ACM, vol. 55, no. 1, pp. 74-81, Jan. 2012.
M. Boodaei. (2011, January) Mobile users three times more vulnerable to phishing attacks. Trusteer. Accessed March 2015.
"European Union anti-Phishing Initiative-France Chapter, 1st Semester Report," LEXSI, Tech. Rep., 2015.
T. N. Jagatic, N. A. Johnson, M. Jakobsson, F. Menczer, "Social Phishing," Comm. of the ACM, vol. 10, no. 50, pp. 94-100, 2007.
B. Harrison, A. Vishwanath, N. Jie, R. Ragov, "Examining the impact of presence on individual phishing victimization." in Hawaii International Conference on System Sciences., 2015.
E. Bursztein, B. Benko, D. Margolis, T. Pietraszek, A. Archer, A. Aquino, A. Pitsillidis, S. Savage, "Handcrafted fraud and extortion: Manual account hijacking in the wild," in Proc. of 2014 Conf. on Internet Measurement Conference (IMC '14). New York, NY, USA: ACM, 2014, pp. 347-358.
R. B. Cialdini, Influence: The Psychology of Persuasion (Revision Edition). Harper Business, 2007.
D. Gragg, "A Multi-Level Defense Against Social Engineering," SANS Institute-InfoSec Reading Room, Tech. Rep., 2003.
F. Stajano and P. Wilson, "Understanding Scam Victims: Seven Principles for Systems Security," Commun. ACM, vol. 54, no. 3, pp. 70-75, Mar. 2011.
N. Akbar, "Analysing Persuasion Principles in Phishing Emails," Ph.D. dissertation, Master Thesis, University of Twente, The Netherlands, October 2014.
A. Ferreira, L. Coventry, G. Lenzini, "Principles of persuasion in social engineering and their use in phishing." in 17th Int. Conf. on Human Computer Interaction., 2015, p. (in press).
J. Dutton. (2015, February) The psychology behind why we fall for phishing scams. IT Governance Blog. Accessed March 2015.
M. Lombard, T. B. Ditton, M. E. Grabe, R. D. Reich, "The role of screen size in viewer responses to television fare," Communication Reports, vol. 10, no. 1, pp. 95-106, 1997.
A. Sundar, S. Oeldorf-Hirsch and A. Garga, "A cognitive-heuristics approach to understanding presence in virtual environments," Presence, vol. 219, no. 228, 2008.
H. Holm, W. Flores, G. Ericsson, "Cyber security for a smart grid-what about phishing?" in Innovative Smart Grid Technologies Europe (ISGT EUROPE), 2013 4th IEEE/PES, Oct 2013, pp. 1-5.
Q. Ma, "The process and characteristics of phishing attacks: A small international trading company case study," Journal of Technology Research, vol. 4, p. 1, 2013.
M. Jakobsson, "The human factor in phishing," in Privacy and Security of Consumer Information '07, 2007.
A. Vishwanath, T. Herath, R. Chen, J. Wang, H. R. Rao, "Why do people get phished? testing individual differences in phishing vulnerability within an integrated, information processing model," Decision Support Systems, vol. 51, no. 3, pp. 576-586, 2011.
K. Mitnick and W. Simon, the Art of Deception. Wiley Publishing Inc., 2002.
D. Danchev. (2009, March) Can you teach an old employee new phishing protection tricks? Intrepidus Group. Accessed March 2015.
R. Dhamija, J. D. Tygar, M. Hearst, "Why phishing works," in Proceedings of the SIGCHI Conference on Human Factors in Computing Systems, ser. CHI '06. New York, NY, USA: ACM, 2006, pp. 581-590.
W. S. Labs, "New phishing research: 5 most dangerous email subjects, top 10 hosting countries." Websense, Tech. Rep., 2013.
S. J. Martin, N. Goldstein, R. B. Cialdini, The Small BIG: Small Changes that Spark Big Influence. Grand Central Publishing, 2014.