id:"swepub:oai:DiVA.org:his-10136"
Sökning: id:"swepub:oai:DiVA.org:his-10136" > An empirical invest...
- 1 av 1
- Föregående post
- Nästa post
- Till träfflistan
An empirical investigation of the effect of target-related information in phishing attacks
-
- Rocha Flores, Waldo (författare)
- KTH,Industriella informations- och styrsystem,Industrial Information and Control Systems, Royal Institute of Technology, Stockholm, Sweden
-
- Holm, Hannes (författare)
- Swedish Defense Research Agency (FOI), Linköping, Sweden
-
- Nohlberg, Marcus, 1976- (författare)
- Högskolan i Skövde,Institutionen för informationsteknologi,Forskningscentrum för Informationsteknologi,Information Systems
- visa fler...
- visa färre...
- (creator_code:org_t)
- IEEE Computer Society, 2014
- 2014
- Engelska.
- Ingår i: IEEE 18th International Enterprise Distributed Object Computing Conference Workshops and Demonstrations EDOCW 2014: 1-2 September 2014 Ulm, Germany. - : IEEE Computer Society. - 9781479954704 - 9781479954674 ; , s. 357-363
- Konferensbidrag (refereegranskat)
Abstract
Ämnesord
Stäng
- Analyzing the role of target-related information in a security attack is an understudied topic in the behavioral information security research field. This paper presents an empirical investigation of the effect of adding information about the target in phishing attacks. Data was collected by conducting two phishing experiments using a sample of 158 employees at five Swedish organizations. The first experiment included a traditional mass-email attack with no target-related information, and the second experiment was a targeted phishing attack in which we included specific information related to the targeted employees' organization. The results showed that the number of organizational employees falling victim to phishing significantly increased when target-related information was added in the attack. During the first experiment 5.1 % clicked on the malicious link compared to 27.2 % of the second phishing attack, and 8.9 % of those executed the binary compared to 3.2 % of the traditional phishing attack. Adding target-related information is an effective way for attackers to significantly increase the effectiveness of their phishing attacks. This is the first study that has showed this significant effect using organizational employees as a sample. The implications of the results are further discussed.
Ämnesord
- TEKNIK OCH TEKNOLOGIER -- Elektroteknik och elektronik -- Kommunikationssystem (hsv//swe)
- ENGINEERING AND TECHNOLOGY -- Electrical Engineering, Electronic Engineering, Information Engineering -- Communication Systems (hsv//eng)
- TEKNIK OCH TEKNOLOGIER -- Elektroteknik och elektronik (hsv//swe)
- ENGINEERING AND TECHNOLOGY -- Electrical Engineering, Electronic Engineering, Information Engineering (hsv//eng)
Nyckelord
- direct observations
- experiments
- phishing
- security behavior
- Social engineering
- Technology
- Teknik
- Information Systems
- Informationssystem (IS)
Publikations- och innehållstyp
- ref (ämneskategori)
- kon (ämneskategori)
Hitta via bibliotek
- IEEE 18th International Enterprise Distributed Object Computing Conference Works... (Sök värdpublikationen i LIBRIS)
Till lärosätets databas
- 1 av 1
- Föregående post
- Nästa post
- Till träfflistan
Hitta mer i SwePub
- Av författaren/redakt...
- Rocha Flores, Wa ...
- Holm, Hannes
- Nohlberg, Marcus ...
- Ekstedt, Mathias
- Om ämnet
-
- TEKNIK OCH TEKNOLOGIER
- TEKNIK OCH TEKNO ...
- och Elektroteknik oc ...
- och Kommunikationssy ...
-
- TEKNIK OCH TEKNOLOGIER
- TEKNIK OCH TEKNO ...
- och Elektroteknik oc ...
- Artiklar i publikationen
- IEEE 18th Intern ...
- Av lärosätet
- Högskolan i Skövde
- Kungliga Tekniska Högskolan
Sök utanför SwePub
- Sök vidare i:
- Google Book Search
- Google Scholar
Kungliga biblioteket hanterar dina personuppgifter i enlighet med EU:s dataskyddsförordning (2018), GDPR. Läs mer om hur det funkar här.
Så här hanterar KB dina uppgifter vid användning av denna tjänst.
- Copyright © LIBRIS - Nationella bibliotekssystem
- LIBRIS.kb.se
