An application of cyberpsychology in business email compromise

• URL: http://arxiv.org/abs/2011.11112v2
• Date: Tue, 24 Nov 2020 09:53:57 GMT
• Title: An application of cyberpsychology in business email compromise
• Authors: Shadrack Awah Buo
• Abstract summary: This paper introduces Business Email Compromise (BEC) and why it is becoming a major issue to businesses worldwide. It also presents a case study of a BEC incident against Unatrac Holding Ltd and analyses the techniques used by the cybercriminals to defraud the company.
• Score: 0.0
• License: http://arxiv.org/licenses/nonexclusive-distrib/1.0/
• Abstract: This paper introduces Business Email Compromise (BEC) and why it is becoming a major issue to businesses worldwide. It also presents a case study of a BEC incident against Unatrac Holding Ltd and analyses the techniques used by the cybercriminals to defraud the company. A critical analysis of the psychological and sociotechnical impacts of BEC to both the company and employees are conducted, and potential risk mitigations strategies and recommendations are provided to prevent future attacks.

Related papers

• Privacy Risks of General-Purpose AI Systems: A Foundation for Investigating Practitioner Perspectives [47.17703009473386]
  Powerful AI models have led to impressive leaps in performance across a wide range of tasks. Privacy concerns have led to a wealth of literature covering various privacy risks and vulnerabilities of AI models. We conduct a systematic review of these survey papers to provide a concise and usable overview of privacy risks in GPAIS.
  arXiv  Detail & Related papers  (2024-07-02T07:49:48Z)
• ABI Approach: Automatic Bias Identification in Decision-Making Under Risk based in an Ontology of Behavioral Economics [46.57327530703435]
  Risk seeking preferences for losses, driven by biases such as loss aversion, pose challenges and can result in severe negative consequences. This research introduces the ABI approach, a novel solution designed to support organizational decision-makers by automatically identifying and explaining risk seeking preferences.
  arXiv  Detail & Related papers  (2024-05-22T23:53:46Z)
• QBER: Quantifying Cyber Risks for Strategic Decisions [0.0]
  We introduce QBER approach to offer decision-makers measurable risk metrics. The QBER evaluates losses from cyberattacks, performs detailed risk analyses based on existing cybersecurity measures, and provides thorough cost assessments. Our contributions involve outlining cyberattack probabilities and risks, identifying Technical, Economic, and Legal (TEL) impacts, creating a model to gauge impacts, suggesting risk mitigation strategies, and examining trends and challenges in implementing widespread Cyber Risk Quantification (CRQ)
  arXiv  Detail & Related papers  (2024-05-06T14:25:58Z)
• QuantTM: Business-Centric Threat Quantification for Risk Management and Cyber Resilience [0.259990372084357]
  QuantTM is an approach that incorporates views from operational and strategic business representatives to collect threat information. It empowers the analysis of threats' impacts and the applicability of security controls.
  arXiv  Detail & Related papers  (2024-02-21T21:34:06Z)
• Critical Analysis and Countermeasures Tactics, Techniques and Procedures (TTPs) that targeting civilians: A case study On Pegasus [0.0]
  This paper investigates the targeting of journalists and activists by the malware Pegasus. Examines the far-reaching consequences of these attacks for cybersecurity policy. Describes some of the most important tactics that businesses may use to reduce the danger of cyberattacks.
  arXiv  Detail & Related papers  (2023-10-01T19:28:03Z)
• On the Security Risks of Knowledge Graph Reasoning [71.64027889145261]
  We systematize the security threats to KGR according to the adversary's objectives, knowledge, and attack vectors. We present ROAR, a new class of attacks that instantiate a variety of such threats. We explore potential countermeasures against ROAR, including filtering of potentially poisoning knowledge and training with adversarially augmented queries.
  arXiv  Detail & Related papers  (2023-05-03T18:47:42Z)
• SECAdvisor: a Tool for Cybersecurity Planning using Economic Models [0.587978226098469]
  Lack of investments and perverse economic incentives are the root cause of cyberattacks. This article introduces SECAdvisor, a tool to support cybersecurity planning using economic models.
  arXiv  Detail & Related papers  (2023-04-16T22:31:50Z)
• Graph Mining for Cybersecurity: A Survey [61.505995908021525]
  The explosive growth of cyber attacks nowadays, such as malware, spam, and intrusions, caused severe consequences on society. Traditional Machine Learning (ML) based methods are extensively used in detecting cyber threats, but they hardly model the correlations between real-world cyber entities. With the proliferation of graph mining techniques, many researchers investigated these techniques for capturing correlations between cyber entities and achieving high performance.
  arXiv  Detail & Related papers  (2023-04-02T08:43:03Z)
• Probabilistic Categorical Adversarial Attack & Adversarial Training [45.458028977108256]
  The existence of adversarial examples brings huge concern for people to apply Deep Neural Networks (DNNs) in safety-critical tasks. How to generate adversarial examples with categorical data is an important problem but lack of extensive exploration. We propose Probabilistic Categorical Adversarial Attack (PCAA), which transfers the discrete optimization problem to a continuous problem that can be solved efficiently by Projected Gradient Descent.
  arXiv  Detail & Related papers  (2022-10-17T19:04:16Z)
• An Uncommon Task: Participatory Design in Legal AI [64.54460979588075]
  We examine a notable yet understudied AI design process in the legal domain that took place over a decade ago. We show how an interactive simulation methodology allowed computer scientists and lawyers to become co-designers.
  arXiv  Detail & Related papers  (2022-03-08T15:46:52Z)
• A framework for effective corporate communication after cyber security incidents [2.66512000865131]
  Major cyber security incidents can represent a cyber crisis for an organisation, in particular because of the associated risk of reputational damage. This research seeks to tackle this problem through a critical, multi-faceted investigation into the efficacy of crisis communication and public relations following a data breach. It does so by drawing on academic literature, obtained through a systematic literature review, and real-world case studies. The validity of this framework is demonstrated by its evaluation through interviews with senior industry professionals, as well as a critical assessment against relevant practice and research.
  arXiv  Detail & Related papers  (2020-09-19T11:08:53Z)

This list is automatically generated from the titles and abstracts of the papers in this site.

This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.