Bot Development for Social Engineering Attacks on Twitter

A series of bots performing simulated social engineering attacks using phishing in the Twitter platform was developed to identify potentially unsafe user behavior. In this work different bot versions were developed to collect feedback data after stimuli directed to 1,287 twitter accounts for 38 consecutive days. The results were not conclusive about the existence of preceptors for unsafe behavior, but we conclude that despite Twiter's security this kind of attack is still feasible.

[1]  Elmer Lastdrager,et al.  Achieving a consensual definition of phishing based on a systematic review of the literature , 2014, Crime Science.

[2]  Markus Jakobsson,et al.  Designing ethical phishing experiments: a study of (ROT13) rOnl query features , 2006, WWW '06.

[3]  Hamideh Afsarmanesh,et al.  Phishing through social bots on Twitter , 2016, 2016 IEEE International Conference on Big Data (Big Data).

[4]  Tobias Lauinger,et al.  Honeybot, Your Man in the Middle for Automated Social Engineering , 2010, LEET.

[5]  JakobssonMarkus,et al.  Why and How to Perform Fraud Experiments , 2008, S&P 2008.

[6]  Stewart Kowalski,et al.  Towards Automating Social Engineering Using Social Networking Sites , 2009, 2009 International Conference on Computational Science and Engineering.

[7]  Swapan Purkait,et al.  Information Management & Computer Security Phishing counter measures and their effectiveness – literature review , 2016 .

[8]  Joseph M. Hatfield Social engineering in cybersecurity: The evolution of a concept , 2018, Comput. Secur..

[9]  Tian Lin,et al.  Dissecting Spear Phishing Emails for Older vs Young Adults: On the Interplay of Weapons of Influence and Life Domains in Predicting Susceptibility to Phishing , 2017, CHI.

[10]  Paulo Henrique Soares de Almeida,et al.  Click Fraud Detection and Prevention System for Ad Networks , 2019 .

[11]  Linda M. Wills,et al.  Reverse Engineering , 1996, Springer US.

[12]  Martine De Cock,et al.  Ranking Approaches for Microblog Search , 2010, 2010 IEEE/WIC/ACM International Conference on Web Intelligence and Intelligent Agent Technology.

[13]  Fabrício Benevenuto,et al.  Reverse engineering socialbot infiltration strategies in Twitter , 2014, 2015 IEEE/ACM International Conference on Advances in Social Networks Analysis and Mining (ASONAM).

[14]  Markus Jakobsson,et al.  Why and How to Perform Fraud Experiments , 2008, IEEE Security & Privacy.

[15]  Kathryn A. Ingle,et al.  Reverse Engineering , 1996, Springer US.

[16]  D. Pinto Secrets and Lies: Digital Security in a Networked World , 2003 .