• 文献检索
  • 文档翻译
  • 深度研究
  • 学术资讯
  • Suppr Zotero 插件Zotero 插件
  • 邀请有礼
  • 套餐&价格
  • 历史记录
应用&插件
Suppr Zotero 插件Zotero 插件浏览器插件Mac 客户端Windows 客户端微信小程序
定价
高级版会员购买积分包购买API积分包
服务
文献检索文档翻译深度研究API 文档MCP 服务
关于我们
关于 Suppr公司介绍联系我们用户协议隐私条款
关注我们

Suppr 超能文献

核心技术专利:CN118964589B侵权必究
粤ICP备2023148730 号-1Suppr @ 2026

文献检索

告别复杂PubMed语法,用中文像聊天一样搜索,搜遍4000万医学文献。AI智能推荐,让科研检索更轻松。

立即免费搜索

文件翻译

保留排版,准确专业,支持PDF/Word/PPT等文件格式,支持 12+语言互译。

免费翻译文档

深度研究

AI帮你快速写综述,25分钟生成高质量综述,智能提取关键信息,辅助科研写作。

立即免费体验

我们在检测网络钓鱼攻击方面有多出色?调查不断演变的网络钓鱼攻击电子邮件及其持续成功欺骗社会的原因。

How Good Are We at Detecting a Phishing Attack? Investigating the Evolving Phishing Attack Email and Why It Continues to Successfully Deceive Society.

作者信息

Carroll Fiona, Adejobi John Ayooluwa, Montasari Reza

机构信息

Cardiff Metropolitan University Llandaff Campus, Western Avenue, Cardiff, CF5 2YB UK.

Hillary Rodham Clinton School of Law, Swansea University, Singleton Park, Swansea, Wales SA2 8PP UK.

出版信息

SN Comput Sci. 2022;3(2):170. doi: 10.1007/s42979-022-01069-1. Epub 2022 Feb 23.

DOI:10.1007/s42979-022-01069-1
PMID:35224514
原文链接:https://pmc.ncbi.nlm.nih.gov/articles/PMC8864450/
Abstract

Phishing attacks are on the increase. The fact that our ways of living, studying and working have drastically changed as a result of the COVID pandemic (i.e., almost everything being done online) has created many new cyber security concerns. In particular, with the move to remote working, the number of phishing emails threatening employees has increased. The 2020 Phishing Attack Landscape Report (Greathorn: 2020 Phishing attack landscape. https://info.greathorn.com/report-2020-phishing-attack-landscape/, 2020) highlights a sharp increase in the frequency of attempted phishing attacks. In this paper, we are interested in how the phishing email attack has evolved to this very threatening state. In detail, we explore the current phishing attack characteristics especially the growing challenges that have emerged as a result of the COVID-19 pandemic. The paper documents a study that presented test participants with five different categories of emails (including phishing and non phishing) . The findings from the study show that participants, generally, found it difficult to detect modern phishing email attacks. Saying that, participants were alert to the spelling mistakes of the older phishing email attacks, sensitive information being requested from them and any slight change to what they were normally used to from an email. Moreover, we have found that people were not confident, worried and often dissatisfied with the current technologies available to protect them against phishing emails. In terms of trust, these feelings alerted us to the increasing severity of the phishing attack situation and just how vulnerable society has become/ still is.

摘要

网络钓鱼攻击呈上升趋势。由于新冠疫情,我们的生活、学习和工作方式发生了巨大变化(即几乎所有事情都在网上进行),这引发了许多新的网络安全问题。特别是,随着向远程工作的转变,威胁员工的网络钓鱼电子邮件数量增加了。《2020年网络钓鱼攻击态势报告》(Greathorn:2020年网络钓鱼攻击态势。https://info.greathorn.com/report-2020-phishing-attack-landscape/,2020)强调了网络钓鱼攻击企图频率的急剧增加。在本文中,我们关注网络钓鱼电子邮件攻击是如何演变成这种极具威胁性的状态的。详细地说,我们探讨了当前网络钓鱼攻击的特征,尤其是新冠疫情引发的日益严峻的挑战。该论文记录了一项研究,该研究向测试参与者展示了五类不同的电子邮件(包括网络钓鱼邮件和非网络钓鱼邮件)。研究结果表明,参与者通常很难检测出现代网络钓鱼电子邮件攻击。话虽如此,参与者对旧的网络钓鱼电子邮件攻击中的拼写错误、要求提供敏感信息以及与他们通常习惯的电子邮件有任何细微变化都很警觉。此外,我们发现人们对现有的保护他们免受网络钓鱼电子邮件侵害的技术缺乏信心、感到担忧且常常不满。在信任方面,这些感受让我们意识到网络钓鱼攻击形势的日益严峻,以及社会变得多么脆弱/仍然多么脆弱。

https://cdn.ncbi.nlm.nih.gov/pmc/blobs/0ccc/8864450/9b565d364643/42979_2022_1069_Fig5_HTML.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/0ccc/8864450/5af4f491bee0/42979_2022_1069_Fig1_HTML.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/0ccc/8864450/a2f6ce6aa584/42979_2022_1069_Fig2_HTML.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/0ccc/8864450/81eb0f4baf83/42979_2022_1069_Fig3_HTML.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/0ccc/8864450/41cfb083c6dc/42979_2022_1069_Fig4_HTML.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/0ccc/8864450/9b565d364643/42979_2022_1069_Fig5_HTML.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/0ccc/8864450/5af4f491bee0/42979_2022_1069_Fig1_HTML.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/0ccc/8864450/a2f6ce6aa584/42979_2022_1069_Fig2_HTML.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/0ccc/8864450/81eb0f4baf83/42979_2022_1069_Fig3_HTML.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/0ccc/8864450/41cfb083c6dc/42979_2022_1069_Fig4_HTML.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/0ccc/8864450/9b565d364643/42979_2022_1069_Fig5_HTML.jpg

相似文献

1
How Good Are We at Detecting a Phishing Attack? Investigating the Evolving Phishing Attack Email and Why It Continues to Successfully Deceive Society.我们在检测网络钓鱼攻击方面有多出色?调查不断演变的网络钓鱼攻击电子邮件及其持续成功欺骗社会的原因。
SN Comput Sci. 2022;3(2):170. doi: 10.1007/s42979-022-01069-1. Epub 2022 Feb 23.
2
Assessment of Employee Susceptibility to Phishing Attacks at US Health Care Institutions.美国医疗机构中员工易受网络钓鱼攻击的评估。
JAMA Netw Open. 2019 Mar 1;2(3):e190393. doi: 10.1001/jamanetworkopen.2019.0393.
3
Susceptibility to Spear-Phishing Emails: Effects of Internet User Demographics and Email Content.对鱼叉式网络钓鱼电子邮件的易感性:互联网用户人口统计学特征和电子邮件内容的影响。
ACM Trans Comput Hum Interact. 2019 Sep;26(5). doi: 10.1145/3336141.
4
Personalized persuasion: Quantifying susceptibility to information exploitation in spear-phishing attacks.个性化说服:量化鱼叉式网络钓鱼攻击中信息利用的易感性。
Appl Ergon. 2023 Apr;108:103908. doi: 10.1016/j.apergo.2022.103908. Epub 2022 Nov 17.
5
It's the deceiver and the receiver: Individual differences in phishing susceptibility and false positives with item profiling.是欺骗者也是受骗者:个体差异在钓鱼易感性和项目分析中的假阳性。
PLoS One. 2018 Oct 26;13(10):e0205089. doi: 10.1371/journal.pone.0205089. eCollection 2018.
6
Understanding Phishing Email Processing and Perceived Trustworthiness Through Eye Tracking.通过眼动追踪理解网络钓鱼邮件处理与感知可信度
Front Psychol. 2020 Jul 28;11:1756. doi: 10.3389/fpsyg.2020.01756. eCollection 2020.
7
A comprehensive survey of AI-enabled phishing attacks detection techniques.对人工智能驱动的网络钓鱼攻击检测技术的全面调查。
Telecommun Syst. 2021;76(1):139-154. doi: 10.1007/s11235-020-00733-2. Epub 2020 Oct 23.
8
The Phishing Email Suspicion Test (PEST) a lab-based task for evaluating the cognitive mechanisms of phishing detection.钓鱼邮件怀疑测试(PEST)是一种基于实验室的任务,用于评估钓鱼检测的认知机制。
Behav Res Methods. 2021 Jun;53(3):1342-1352. doi: 10.3758/s13428-020-01495-0. Epub 2020 Oct 19.
9
Creative Persuasion: A Study on Adversarial Behaviors and Strategies in Phishing Attacks.创造性说服:网络钓鱼攻击中的对抗行为与策略研究
Front Psychol. 2018 Feb 21;9:135. doi: 10.3389/fpsyg.2018.00135. eCollection 2018.
10
Cloud-based email phishing attack using machine and deep learning algorithm.基于云的使用机器学习和深度学习算法的电子邮件网络钓鱼攻击。
Complex Intell Systems. 2023;9(3):3043-3070. doi: 10.1007/s40747-022-00760-3. Epub 2022 Jun 2.

引用本文的文献

1
Phishing URL detection with neural networks: an empirical study.基于神经网络的网络钓鱼网址检测:一项实证研究。
Sci Rep. 2024 Oct 24;14(1):25134. doi: 10.1038/s41598-024-74725-6.

本文引用的文献

1
Cyber security in the age of COVID-19: A timeline and analysis of cyber-crime and cyber-attacks during the pandemic.新冠疫情时代的网络安全:疫情期间网络犯罪与网络攻击的时间线及分析
Comput Secur. 2021 Jun;105:102248. doi: 10.1016/j.cose.2021.102248. Epub 2021 Mar 3.
2
A comprehensive survey of AI-enabled phishing attacks detection techniques.对人工智能驱动的网络钓鱼攻击检测技术的全面调查。
Telecommun Syst. 2021;76(1):139-154. doi: 10.1007/s11235-020-00733-2. Epub 2020 Oct 23.
3
Human Cognition Through the Lens of Social Engineering Cyberattacks.
从社会工程网络攻击视角看人类认知
Front Psychol. 2020 Sep 30;11:1755. doi: 10.3389/fpsyg.2020.01755. eCollection 2020.
4
Susceptibility to phishing on social network sites: A personality information processing model.社交网站上对网络钓鱼的易感性:一种人格信息处理模型。
Comput Secur. 2020 Jul;94:101862. doi: 10.1016/j.cose.2020.101862. Epub 2020 May 1.
5
Decision making under stress: a selective review.应激下的决策:选择性回顾。
Neurosci Biobehav Rev. 2012 Apr;36(4):1228-48. doi: 10.1016/j.neubiorev.2012.02.003. Epub 2012 Feb 10.