A framework for securing email entrances and mitigating phishing impersonation attacks

• URL: http://arxiv.org/abs/2312.04100v1
• Date: Thu, 7 Dec 2023 07:28:34 GMT
• Title: A framework for securing email entrances and mitigating phishing impersonation attacks
• Authors: Peace Nmachi Wosah,
• Abstract summary: This work intends to protect users' email composition and settings. A secure code is applied to the composition send button to curtail insider impersonation attack. Also, to secure open applications on public and private devices.
• Score: 0.0
• License: http://creativecommons.org/licenses/by/4.0/
• Abstract: Emails are used every day for communication, and many countries and organisations mostly use email for official communications. It is highly valued and recognised for confidential conversations and transactions in day-to-day business. The Often use of this channel and the quality of information it carries attracted cyber attackers to it. There are many existing techniques to mitigate attacks on email, however, the systems are more focused on email content and behaviour and not securing entrances to email boxes, composition, and settings. This work intends to protect users' email composition and settings to prevent attackers from using an account when it gets hacked or hijacked and stop them from setting forwarding on the victim's email account to a different account which automatically stops the user from receiving emails. A secure code is applied to the composition send button to curtail insider impersonation attack. Also, to secure open applications on public and private devices.

Related papers

• Characterizing the Networks Sending Enterprise Phishing Emails [3.6005071324152227]
  Phishing attacks on enterprise employees present one of the most costly and potent threats to organizations. We draw on a dataset spanning one year across thousands of enterprises, billions of emails, and over 800,000 delivered phishing attacks. We find that over one-third of the phishing email in our dataset originates from highly reputable networks, including Amazon and Microsoft.
  arXiv  Detail & Related papers  (2024-12-16T23:15:40Z)
• SpearBot: Leveraging Large Language Models in a Generative-Critique Framework for Spear-Phishing Email Generation [9.322176274376774]
  Large Language Models (LLMs) are increasingly capable, aiding in tasks such as content generation. This paper proposes an adversarial framework, SpearBot, to generate spear-phishing emails.
  arXiv  Detail & Related papers  (2024-12-15T08:13:12Z)
• Exploring Content Concealment in Email [0.48748194765816943]
  Modern email filters, one of our few defence mechanisms against malicious emails, are often circumvented by sophisticated attackers. This study focuses on how attackers exploit HTML and CSS in emails to conceal arbitrary content. This concealed content remains undetected by the recipient, presenting a serious security risk.
  arXiv  Detail & Related papers  (2024-10-15T01:12:47Z)
• Eyes on the Phish(er): Towards Understanding Users' Email Processing Pattern and Mental Models in Phishing Detection [0.4543820534430522]
  This study examines how workload affects susceptibility to phishing. We use eye-tracking technology to observe participants' reading patterns and interactions with phishing emails. Our results provide concrete evidence that attention to the email sender can reduce phishing susceptibility.
  arXiv  Detail & Related papers  (2024-09-12T02:57:49Z)
• Nudging Users to Change Breached Passwords Using the Protection Motivation Theory [58.87688846800743]
  We draw on the Protection Motivation Theory (PMT) to design nudges that encourage users to change breached passwords. Our study contributes to PMT's application in security research and provides concrete design implications for improving compromised credential notifications.
  arXiv  Detail & Related papers  (2024-05-24T07:51:15Z)
• Targeted Attacks: Redefining Spear Phishing and Business Email Compromise [0.17175834535889653]
  Some rare, severely damaging email threats - known as spear phishing or Business Email Compromise - have emerged. We describe targeted-attack-detection techniques as well as social-engineering methods used by fraudsters. We present text-based attacks - with textual content as malicious payload - and compare non-targeted and targeted variants.
  arXiv  Detail & Related papers  (2023-09-25T14:21:59Z)
• Vulnerabilities of Deep Learning-Driven Semantic Communications to Backdoor (Trojan) Attacks [70.51799606279883]
  This paper highlights vulnerabilities of deep learning-driven semantic communications to backdoor (Trojan) attacks. Backdoor attack can effectively change the semantic information transferred for poisoned input samples to a target meaning. Design guidelines are presented to preserve the meaning of transferred information in the presence of backdoor attacks.
  arXiv  Detail & Related papers  (2022-12-21T17:22:27Z)
• Certifiably Robust Policy Learning against Adversarial Communication in Multi-agent Systems [51.6210785955659]
  Communication is important in many multi-agent reinforcement learning (MARL) problems for agents to share information and make good decisions. However, when deploying trained communicative agents in a real-world application where noise and potential attackers exist, the safety of communication-based policies becomes a severe issue that is underexplored. In this work, we consider an environment with $N$ agents, where the attacker may arbitrarily change the communication from any $CfracN-12$ agents to a victim agent.
  arXiv  Detail & Related papers  (2022-06-21T07:32:18Z)
• Robust and Verifiable Information Embedding Attacks to Deep Neural Networks via Error-Correcting Codes [81.85509264573948]
  In the era of deep learning, a user often leverages a third-party machine learning tool to train a deep neural network (DNN) classifier. In an information embedding attack, an attacker is the provider of a malicious third-party machine learning tool. In this work, we aim to design information embedding attacks that are verifiable and robust against popular post-processing methods.
  arXiv  Detail & Related papers  (2020-10-26T17:42:42Z)
• Phishing and Spear Phishing: examples in Cyber Espionage and techniques to protect against them [91.3755431537592]
  Phishing attacks have become the most used technique in the online scams, initiating more than 91% of cyberattacks, from 2012 onwards. This study reviews how Phishing and Spear Phishing attacks are carried out by the phishers, through 5 steps which magnify the outcome.
  arXiv  Detail & Related papers  (2020-05-31T18:10:09Z)
• Learning with Weak Supervision for Email Intent Detection [56.71599262462638]
  We propose to leverage user actions as a source of weak supervision to detect intents in emails. We develop an end-to-end robust deep neural network model for email intent identification.
  arXiv  Detail & Related papers  (2020-05-26T23:41:05Z)

This list is automatically generated from the titles and abstracts of the papers in this site.

This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.