Phishing – Still Topical

Ladislav Buřita; Kamil Halouzka; Pavel Kozak

doi:10.3849/aimt.01873

Authors

Ladislav Buřita University of Defence Faculty of Military Technology K-209
Kamil Halouzka
Pavel Kozak

DOI:

https://doi.org/10.3849/aimt.01873

Keywords:

phishing, analysis, communication with phishers, defense, education

Abstract

The article summarizes the results of research into phishing threats and attacks over a multi-year period. Obtained phishing emails are subject to statistical, frequency, and content analysis; messages are classified according to the content into five segments: Business, Fund, Charity, Transfer, and Others. An experiment of communicating with phishing attackers is described; necessary security measures are set for this. Protection against phishing attacks is solved by filtering incoming mail on the Microsoft Outlook client while applying rules with keywords obtained from individual segments. In a broader context, the cyber security of email communication is explained, and commercial tools for defense against phishing attacks are described. The usability of research results is also assumed in the education of university students and the training of employees of companies and organizations.

Author Biography

Ladislav Buřita, University of Defence Faculty of Military Technology K-209

References

SLIFKIN, E.J.D. and M.B. NEIDER. Phishing Interrupted: The Impact of Task Interruptions on Phishing Email Classification. International Journal of Hu-man-Computer Studies, 2023, 14, 103017. https://doi.org/10.1016/j.ijhcs.2023.103017.

TAN, C.C.L., K.L. CHIEW, K.S.C. YONG, Y. SEBASTIAN, J.C. THAN and W.K. TIONG. Hybrid Phishing Detection Using Joint Visual and Textual Iden-tity. Expert Systems with Applications, 2023, 220, 119723. https://doi.org/10.1016/j.ijhcs.2023.103017.

VISHWANATH A., T. HERATH, R. CHEN, J. WANG and H.R. RAO. Why Do People Get Phished? Testing Individual Differences in Phishing Vulnerabil-ity Within an Integrated, Information Processing Model. Decision Support Sys-tems, 2011, 51(3), pp. 576-586. https://doi.org/10.1016/j.dss.2011.03.002.

ALSHARNOUBY, M., F. ALACA and S. CHIASSON. Why Phishing Still Works: User Strategies for Combating Phishing Attacks. International Journal of Human-Computer Studies, 2015, 82, pp. 69-82. https://doi.org/10.1016/j.ijhcs.2015.05.005.

ABBASI, A., F. ZAHEDI and Y. CHEN. Impact of Anti-Phishing Tool Perfor-mance on Attack Success Rates. In: 2012 IEEE International Conference on In-telligence and Security Informatics. Washington: IEEE, 2012. https://doi.org/10.1109/ISI.2012.6282648.

TURČANÍK, M. Behavior Analysis of Web Users by Mean Shift Clustering. In: 2021 International Conference on Military Technologies (ICMT). Brno: IEEE, 2021, pp. 1-6. https://doi.org/10.1109/ICMT52455.2021.9502771.

TURČANÍK, M. Web Users Clustering by their Behavior on the Network. In: 2020 New Trends in Signal Processing (NTSP), Demanovska Dolina: IEEE, 2020, pp. 1-5. https://doi.org/10.1109/NTSP49686.2020.9229548.

TURČANÍK, M. Using the Recurrent Neural Network for Hash Function Gen-eration. In: 2017 International Conference on Applied Electronics (AE). Pilsen: IEEE, 2017, pp. 1-4. https://doi.org/10.23919/AE.2017.8053625.

Software and Information Sources of the Company TOVEK [online]. [viewed 2023-11-12]. Available from: www.tovek.cz

ENISA Mandate and Regulatory Framework [online]. [viewed 2023-11-15]. Available from: https://www.enisa.europa.eu/about-enisa/regulatory-framework

NÚKIB, Education [online]. [viewed 2023-11-01]. Available from: https://nukib.gov.cz/en/cyber-security/education/

IRONSCALES [online]. [viewed 2023-11-09]. Available from: https://ironscales.com/

AVANAN [online]. [viewed 2023-10-26]. Available from: https://www.avanan.com/

ABNORMAL SECURITY [online]. [viewed 2023-10-26]. Available: https://abnormalsecurity.com/

DZRO-209, University Research Project KYBERSILY: Cyber Forces and As-sets, Brno, University of Defence, 2021-2025.