Phishing and Spear Phishing: examples in Cyber Espionage and techniques to protect against them

• URL: http://arxiv.org/abs/2006.00577v1
• Date: Sun, 31 May 2020 18:10:09 GMT
• Title: Phishing and Spear Phishing: examples in Cyber Espionage and techniques to protect against them
• Authors: Alessandro Ecclesie Agazzi
• Abstract summary: Phishing attacks have become the most used technique in the online scams, initiating more than 91% of cyberattacks, from 2012 onwards. This study reviews how Phishing and Spear Phishing attacks are carried out by the phishers, through 5 steps which magnify the outcome.
• Score: 91.3755431537592
• License: http://arxiv.org/licenses/nonexclusive-distrib/1.0/
• Abstract: Phishing attacks have become the most used technique in the online scams, initiating more than 91% of cyberattacks, from 2012 onwards. This study reviews how Phishing and Spear Phishing attacks are carried out by the phishers, through 5 steps which magnify the outcome, increasing the chance of success. The focus will be also given on four different layers of protection against these social engineering attacks, showing their strengths and weaknesses; the first and second layers consist of automated tools and decision-aid tools. the third one is users' knowledge and expertise to deal with potential threats. The last layer, defined as "external", will underline the importance of having a Multi-factor authentication, an effective way to provide an enhanced security, creating a further layer of protection against Phishing and Spear Phishing.

Related papers

• Efficient Backdoor Defense in Multimodal Contrastive Learning: A Token-Level Unlearning Method for Mitigating Threats [52.94388672185062]
  We propose an efficient defense mechanism against backdoor threats using a concept known as machine unlearning. This entails strategically creating a small set of poisoned samples to aid the model's rapid unlearning of backdoor vulnerabilities. In the backdoor unlearning process, we present a novel token-based portion unlearning training regime.
  arXiv  Detail & Related papers  (2024-09-29T02:55:38Z)
• NoPhish: Efficient Chrome Extension for Phishing Detection Using Machine Learning Techniques [0.0]
  "NoPhish" shall identify a phishing webpage based on several Machine Learning techniques. We have used the training dataset from "PhishTank" and extracted the 22 most popular features. The performance results show that Random Forest delivers the best precision.
  arXiv  Detail & Related papers  (2024-09-01T18:59:14Z)
• From ML to LLM: Evaluating the Robustness of Phishing Webpage Detection Models against Adversarial Attacks [0.8050163120218178]
  Phishing attacks attempt to deceive users into stealing sensitive information. Current phishing webpage detection solutions are vulnerable to adversarial attacks. We develop a tool that generates adversarial phishing webpages by embedding diverse phishing features into legitimate webpages.
  arXiv  Detail & Related papers  (2024-07-29T18:21:34Z)
• Rethinking the Vulnerabilities of Face Recognition Systems:From a Practical Perspective [53.24281798458074]
  Face Recognition Systems (FRS) have increasingly integrated into critical applications, including surveillance and user authentication. Recent studies have revealed vulnerabilities in FRS to adversarial (e.g., adversarial patch attacks) and backdoor attacks (e.g., training data poisoning)
  arXiv  Detail & Related papers  (2024-05-21T13:34:23Z)
• Evaluating the Efficacy of Large Language Models in Identifying Phishing Attempts [2.6012482282204004]
  Phishing, a prevalent cybercrime tactic for decades, remains a significant threat in today's digital world. This paper aims to analyze the effectiveness of 15 Large Language Models (LLMs) in detecting phishing attempts.
  arXiv  Detail & Related papers  (2024-04-23T19:55:18Z)
• LOTUS: Evasive and Resilient Backdoor Attacks through Sub-Partitioning [49.174341192722615]
  Backdoor attack poses a significant security threat to Deep Learning applications. Recent papers have introduced attacks using sample-specific invisible triggers crafted through special transformation functions. We introduce a novel backdoor attack LOTUS to address both evasiveness and resilience.
  arXiv  Detail & Related papers  (2024-03-25T21:01:29Z)
• An Overview of Phishing Victimization: Human Factors, Training and the Role of Emotions [0.0]
  Phishing is a form of cybercrime that allows criminals, phishers, to deceive end users in order to steal their confidential and sensitive information. This paper explores the emotional factors that have been reported in previous studies to be significant in phishing victimization.
  arXiv  Detail & Related papers  (2022-09-13T12:51:20Z)
• Detecting Phishing Sites -- An Overview [0.0]
  Phishing is one of the most severe cyber-attacks where researchers are interested to find a solution. To minimize the damage caused by phishing must be detected as early as possible. There are various phishing detection techniques based on white-list, black-list, content-based, URL-based, visual-similarity and machine-learning.
  arXiv  Detail & Related papers  (2021-03-23T19:16:03Z)
• Adversarial Machine Learning Attacks and Defense Methods in the Cyber Security Domain [58.30296637276011]
  This paper summarizes the latest research on adversarial attacks against security solutions based on machine learning techniques. It is the first to discuss the unique challenges of implementing end-to-end adversarial attacks in the cyber security domain.
  arXiv  Detail & Related papers  (2020-07-05T18:22:40Z)
• On Certifying Robustness against Backdoor Attacks via Randomized Smoothing [74.79764677396773]
  We study the feasibility and effectiveness of certifying robustness against backdoor attacks using a recent technique called randomized smoothing. Our results show the theoretical feasibility of using randomized smoothing to certify robustness against backdoor attacks. Existing randomized smoothing methods have limited effectiveness at defending against backdoor attacks.
  arXiv  Detail & Related papers  (2020-02-26T19:15:46Z)

This list is automatically generated from the titles and abstracts of the papers in this site.

This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.