How to safely communicate with a phishing attacker by email?
Result identifiers
Result code in IS VaVaI
RIV/60162694:G43__/24:00560187 - isvavai.cz: https://www.isvavai.cz/riv?ss=detail&h=RIV%2F60162694%3AG43__%2F24%3A00560187
Result on the web
https://papers.academic-conferences.org/index.php/eccws/issue/view/20/23
DOI - Digital Object Identifier
—
Alternative languages
Result language
English
Title in the original language
How to safely communicate with a phishing attacker by email?
Result description in the original language
The published study is part of long-term research into phishing emails targeting the article's author. In the previous three years, 3 experiments were carried out to analyze phishing emails. The result is their detailed classification. The subsequent experiment focused on defense against phishing attacks using the rules of the MS Outlook email client. The last experiment, which is the subject of the article, is devoted to analyzing communications with phishing attackers. A fake identity was created for the experiment and security rules were set up. A total of 100 phishing emails were answered, with a preference for those whose content was not aimed at fulfilling any request; that was clarified during the communications. The literature search conducted confirmed the assumption that no one is engaged in similar research, so the results of the research may be more interesting for the cybersecurity community. The articles in the literature search focus on social engineering from an interdisciplinary perspective. A great deal of attention has also been devoted to the influence of social networks on people's perception of information or to their exploitation in cyber-attacks. The result of the study is a statistical analysis of the communications and a detailed analysis of their content. Out of 100 replies to phishing emails, 32 (32%) were answered by the phisher. The longest communication had 6 cycles. If the phisher insisted aggressively on personal information, the communications were terminated. From the content of the communications, the attacker's procedures and his argumentation to obtain the required information were primarily examined. A detailed analysis of the texts from the communications aimed to answer the question of whether the phisher is a robot or a person. Further considerations are being made within the team on how to continue researching phishing attacks.
Classification
Type
D - Article in proceedings
CEP field
—
OECD FORD field
10200 - Computer and information sciences
Result continuities
Project
—
Continuities
I - Institutional support for the long-term conceptual development of a research organization
Others
Publication year
2023
Data confidentiality code
S - Complete and true data on the project are not subject to protection under special legal regulations
Data specific to the result type
Title of the article in the proceedings
Proceedings of the 22nd European Conference on Cyber Warfare and Security, ECCWS 2023
ISBN
978-1-914587-70-2
ISSN
2048-8610
e-ISSN
—
Number of pages
8
Pages from-to
100-107
Publisher name
Academic Conferences International Limited Reading, UK
Place of publication
Curtis Farm, Kidmore End, Reading, RG4 9AY, UK
Event location
Athens, Greece
Event date
22 June 2023
Event type by nationality
WRD - Worldwide event
UT WoS code of the article
—