Utilizza questo identificativo per citare o creare un link a questo documento:
|Titolo:||A social-engineering-centric data collection initiative to study phishing|
|Autori interni:||MAGGI, FEDERICO|
|Data di pubblicazione:||2011|
|Abstract:||Phishers nowadays rely on a variety of channels, ranging from old-fashioned emails to instant messages, social networks, and the phone system (with both calls and text messages), with the goal of reaching more victims. As a consequence, modern phishing became a multi-faceted, even more pervasive threat that is inherently more difficult to study than traditional, email-based phishing. This short paper describes the status of a data collection system we are developing to capture different aspects of phishing campaigns, with a particular focus on the emerging use of the voice channel. The general approach is to record inbound calls received on decoy phone lines, place outbound calls to the same caller identifiers (when available) and also to telephone numbers obtained from different sources. Specifically, our system analyzes instant messages (e.g., automated social engineering attempts) and suspicious emails (e.g., spam, phishing), and extracts telephone numbers, URLs and popular words from the content. In addition, users can voluntarily submit voice phishing (vishing) attempts through a public website. Extracted telephone numbers, URLs and popular words will be correlated to recognize campaigns by means of cross-channel relationships between messages.|
|Appare nelle tipologie:||04.1 Contributo in Atti di convegno|
File in questo prodotto:
Non ci sono file associati a questo prodotto.
- PubMed Central loading...
I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.