An Exploration of the Design Features of Phishing Attacks

Phishing is a growing phenomenon, which has not only caused billions in losses, but also has eroded consumer confidence in online transactions. To develop effective countermeasures, we need to understand how phishing e-mails exploit human vulnerabilities. We develop a framework to explore phishing from the perspective of victims. The framework helps understand different features that are utilized by phishers in designing e-mails and websites. We further explore the design patterns of phishing attacks. We collect 195 phishing records from the antiphishing work group website. Using content analysis and two-step cluster analysis, we examine those attacks for the presence of design features identified through our framework. We find that phishing attacks in different time periods present different characteristics, and the quality of phishing attacks have advanced consistently over time. Finally, on the basis of the location of the phishing hosts, we group the

[1]  S. C. Johnson Hierarchical clustering schemes , 1967, Psychometrika.

[2]  Walter Schneider,et al.  Controlled and Automatic Human Information Processing: 1. Detection, Search, and Attention. , 1977 .

[3]  Walter Schneider,et al.  Controlled and automatic human information processing: II. Perceptual learning, automatic attending and a general theory. , 1977 .

[4]  G. Schwarz Estimating the Dimension of a Model , 1978 .

[5]  Klaus Krippendorff,et al.  Content Analysis: An Introduction to Its Methodology , 1980 .

[6]  P. Kleinginna,et al.  A categorized list of motivation definitions, with a suggestion for a consensual definition , 1981 .

[7]  J. Cacioppo,et al.  The Elaboration Likelihood Model of Persuasion , 1986 .

[8]  John T. Cacioppo,et al.  The Elaboration Likelihood Model of Persuasion , 1986, Advances in Experimental Social Psychology.

[9]  Tian Zhang,et al.  BIRCH: an efficient data clustering method for very large databases , 1996, SIGMOD '96.

[10]  Clay Spinuzzi,et al.  Context and consciousness: Activity theory and human-computer interaction , 1997 .

[11]  M. Banerjee,et al.  Beyond kappa: A review of interrater agreement measures , 1999 .

[12]  Maureen L. Mackenzie The Classification, Storage and Retrieval of Electronic Mail-Two Exploratory Studies. , 2000 .

[13]  J. Wyatt Decision support systems. , 2000, Journal of the Royal Society of Medicine.

[14]  William L. Simon,et al.  The Art of Deception: Controlling the Human Element of Security , 2001 .

[15]  Kimberly A. Neuendorf,et al.  The Content Analysis Guidebook , 2001 .

[16]  Geri Gay,et al.  Collaboration in wireless learning networks , 2002, Proceedings of the 35th Annual Hawaii International Conference on System Sciences.

[17]  George Cybenko,et al.  Cognitive Hacking: A Battle for the Mind , 2002, Computer.

[18]  Han Zhang,et al.  Trust Promoting Seals in Electronic Markets , 2002 .

[19]  Jacquelyn A. Burkell,et al.  Believe it or not: Factors influencing credibility on the Web , 2002, J. Assoc. Inf. Sci. Technol..

[20]  Jeffrey Barlow,et al.  The Art of Deception, Controlling the Human Element of Security , 2003 .

[21]  Elias Levy Interface Illusions , 2004, IEEE Secur. Priv..

[22]  Mike Presdee Cultural Criminology: , 2004 .

[23]  Jonathan J. Oliver,et al.  Anatomy of a Phishing Email , 2004, CEAS.

[24]  H. Raghav Rao,et al.  A multidimensional trust formation model in B-to-C e-commerce: a conceptual framework and content analyses of academia/practitioner perspectives , 2005, Decis. Support Syst..

[25]  N. Kshetri Pattern of Global Cyber War and Crime: A Conceptual Framework , 2005 .

[26]  Christopher Abad,et al.  The economy of phishing: A survey of the operations of the phishing market , 2005, First Monday.

[27]  Shuk Ying Ho,et al.  Web Personalization as a Persuasion Strategy: An Elaboration Likelihood Model Perspective , 2005, Inf. Syst. Res..

[28]  Dora M. Y. Tam,et al.  Child abuse in Chinese families in Canada , 2005 .

[29]  Rajiv Kishore,et al.  From DQ to EQ , 2005, Commun. ACM.

[30]  Avivah Litan Phishing Attack Victims Likely Targets for Identity Theft , 2005 .

[31]  Anol Bhattacherjee,et al.  Influence Processes for Information Technology Acceptance: An Elaboration Likelihood Model , 2006, MIS Q..

[32]  Byungjoon Yoo,et al.  Paradox of Information Quality: Do Consumers Pay More for Premium Product Information on E-commerce Sites? , 2006, AMCIS.

[33]  Norman M. Sadeh,et al.  Learning to detect phishing emails , 2007, WWW '07.

[34]  JinKyu Lee,et al.  Perceived risks, counter-beliefs, and intentions to use anti-/counter-terrorism websites: An exploratory study of government-citizens online interactions in a turbulent environment , 2007, Decis. Support Syst..