spear phishing email versus facebook
play

Spear Phishing: Email versus Facebook Joint work with Freya - PowerPoint PPT Presentation

Aug 16, 2022 •264 likes •356 views

Dagstuhl Seminar: Cybersafety in Modern Online Social Networks September 2017 Spear Phishing: Email versus Facebook Joint work with Freya Gassmann, Anna Girard, Nadina Hintz, Robert Landwirth, Andreas Luder Zinaida Benenson

  1. Dagstuhl Seminar: Cybersafety in Modern Online Social Networks September 2017 Spear Phishing: Email versus Facebook Joint work with Freya Gassmann, Anna Girard, Nadina Hintz, Robert Landwirth, Andreas Luder Zinaida Benenson zinaida.benenson@fau.de Friedrich-Alexander-Universität Erlangen-Nürnberg

  2. Study 2 Study 1 Hey <receiver’s first name>, Hey , the New Year’s Eve party was here are the pictures great! here are the pictures: from the last week: http://131.188.31.163 / photocloud/ <USER ID> Benenson, Z., Girard, A. Hintz, N., Luder, A. Benenson, Z., Gassmann, F., Landwirth, R. Susceptibility to URL-based Internet Attacks: Unpacking Spear Phishing Susceptibility. Facebook vs. Email. Targeted Attacks Workshop 2017 6th International Workshop on SEcurity and SOCial Networking 2014 Spear Phishing: Email vs. Facebook Zinaida Benenson 2 Dagstuhl, Sept. 2017

  3. Clicking Behavior: Email vs. Facebook Addressing by name important in emails, but not on Facebook? Disclaimer: Study 1 ≠ Study 2!!! (different user groups, different messages) 100% 56% 42.5% 50% 38% 89/158 20% 119/280 90/240 194/975 0% Studie 1: E-Mail Studie 1: Studie 2: E-Mail Studie 2: Study 1: Study 1: Study 2: Study 2: Facebook Facebook Email Facebook Email Facebook Spear Phishing: Email vs. Facebook Zinaida Benenson 3 Dagstuhl, Sept. 2017

  4. How Do People Explain Their Clicking or Non-Clicking? Spear Phishing: Email vs. Facebook Zinaida Benenson 4 Dagstuhl, Sept. 2017

  5. Reasons for Clicking (117 answers, some people reported multiple reasons) • Curiosity: 34% • Fits recipient’s context: 27% • Investigation: 17% • Known sender: 16% • … • Fear: 7% Spear Phishing: Email vs. Facebook Zinaida Benenson 5 Dagstuhl, Sept. 2017

  6. Could This Happen to YOU? Spear Phishing: Email vs. Facebook Zinaida Benenson 6 Dagstuhl, Sept. 2017

  7. From: john.smith@turner.com To: zinaida.benenson@fau.de Subject: CNN request -- about your upcoming Black Hat talk Zinaida, John at CNN here. I’m the news network’s cybersecurity reporter. Here’s a link to my work, in case you’re not familiar with it. I saw the description of your upcoming Black Hat talk. Your topic looks fantastic! Can we get an exclusive look at your research and write the first news story about it? Luckily, this message was genuine Cheers, But it could have been an attack! John Smith All targeting information was available online john.smith@CNN.com Spear Phishing: Email vs. Facebook Zinaida Benenson 7 Dagstuhl, Sept. 2017

  8. Targeting • General principles – Personalization – Plausibility of content & context – Emotions (positive and negative) – Automatic reactions • Email versus Facebook – Interface: salience of the sender – Communication patterns – Handling of messages – Trustworthiness of the platform? Spear Phishing: Email vs. Facebook Zinaida Benenson 8 Dagstuhl, Sept. 2017

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Federal Information Systems Security Education Association Spear Phishing Agenda Definition

Federal Information Systems Security Education Association Spear Phishing Agenda Definition

Federal Information Systems Security Education Association Spear Phishing Agenda Definition of spear phishing Why is spear phishing so valuable to attackers Spear phishing defenses / countermeasures Training concepts and delivery

434 views • 8 slides
Spotting and Stopping Business Email Compromise Attacks How spear phishing and BEC attacks

Spotting and Stopping Business Email Compromise Attacks How spear phishing and BEC attacks

Spotting and Stopping Business Email Compromise Attacks How spear phishing and BEC attacks require a full- lifecycle approach to email security Paul Roberts, Editor in Chief Speakers Kevin OBrien, CEO 2:00 - 2:05 Introductions,

483 views • 23 slides
One Size Does Not Fit All: Demographic Differences in Spear Phishing Susceptibilty Cameron

One Size Does Not Fit All: Demographic Differences in Spear Phishing Susceptibilty Cameron

One Size Does Not Fit All: Demographic Differences in Spear Phishing Susceptibilty Cameron Merrill CS 563 Advanced Computer Security October 10th 2018 Oliveira et al. 2017 at a glance CHI 2017 Spear Phishing Susceptibility: = F(

390 views • 20 slides
Tech Briefing Email Security (Phishing) VPN File Storage Phishing Awareness What is Phishing?

Tech Briefing Email Security (Phishing) VPN File Storage Phishing Awareness What is Phishing?

Tech Briefing Email Security (Phishing) VPN File Storage Phishing Awareness What is Phishing? Phishing email messages, websites, and phone calls are designed to steal money or sensitive information. Cybercriminals can do this by installing

264 views • 24 slides
Social Engineering Phishing &amp; More Phishing Fake Email Accounts Real Email Accounts

Social Engineering Phishing &amp; More Phishing Fake Email Accounts Real Email Accounts

Social Engineering Phishing &amp; More Phishing Fake Email Accounts Real Email Accounts DrLaneA@mail.com b.miller@tcu.edu Bursar-SecureServices@me.com jbickford@necc.mass.edu No proof of identity Could already be compromised

343 views • 7 slides
Optimal Personalized Filtering Against Spear-Phishing Attacks Aron Laszka, Yevgeniy

Optimal Personalized Filtering Against Spear-Phishing Attacks Aron Laszka, Yevgeniy

Optimal Personalized Filtering Against Spear-Phishing Attacks Aron Laszka, Yevgeniy Vorobeychik, and Xenofon Koutsoukos Institute for Software Integrated Systems Department of Electrical Engineering and Computer Science Malicious E-Mails

315 views • 14 slides
Detecting Credential Spear-phishing Attacks at LBNL Aashish Sharma (Grant Ho, Mobin Javed, Vern

Detecting Credential Spear-phishing Attacks at LBNL Aashish Sharma (Grant Ho, Mobin Javed, Vern

Detecting Credential Spear-phishing Attacks at LBNL Aashish Sharma (Grant Ho, Mobin Javed, Vern Paxson, David Wagner) September 2017 #BroCon2017 UNIVERSITY OF CALIFORNIA 80 Years of World-Leading Team Science at Lawrence Berkeley National

1.1k views • 70 slides
How to Identify a Phishing Email Brought to you by Information Security Services An email address

How to Identify a Phishing Email Brought to you by Information Security Services An email address

How to Identify a Phishing Email Brought to you by Information Security Services An email address that tries to disguise itself as legitimate A generic greeting An email that demands immediate action CWU warning message indicates the email

268 views • 8 slides
Phishing Junxiao Shi, Sara Saleem University of Arizona Apr 23, 2012 1 Introduction 2 Email

Phishing Junxiao Shi, Sara Saleem University of Arizona Apr 23, 2012 1 Introduction 2 Email

Phishing Junxiao Shi, Sara Saleem University of Arizona Apr 23, 2012 1 Introduction 2 Email Spoofing 3 Web Spoofing 4 Pharming 5 Malware 6 Phishing through PDF 7 References What is Phishing a form of social engineering to fraudulently retrieve

640 views • 38 slides
Training employees to recognise and avoid phishing threats Agenda Today, we will be exploring:

Training employees to recognise and avoid phishing threats Agenda Today, we will be exploring:

Training employees to recognise and avoid phishing threats Agenda Today, we will be exploring: What is phishing? How phishing can damage a business What are the difgerent types of phishing? How to spot a phishing email What to do if

159 views • 12 slides
Phi.sh/$oCiaL: The Phishing landscape through Short URL's 1. Introduction With the advent of

Phi.sh/$oCiaL: The Phishing landscape through Short URL's 1. Introduction With the advent of

Phi.sh/$oCiaL: The Phishing landscape through Short URL's 1. Introduction With the advent of Web 2.0 technologies, social services like Twitter, Facebook, and MySpace have emerged as popular media for information sharing; While phishing

813 views • 33 slides
Dont Take The Bait: How To Stay Safe From Phishing Goals After this section, youll be able

Dont Take The Bait: How To Stay Safe From Phishing Goals After this section, youll be able

Dont Take The Bait: How To Stay Safe From Phishing Goals After this section, youll be able to: Define phishing Identify signs of a potential phishing email Know where to report phishing emails to and how to report them

168 views • 15 slides
The Art of Phishing : What you should know Arvind Vishwakarma 05/24/2019 Agenda 1. Phishing

The Art of Phishing : What you should know Arvind Vishwakarma 05/24/2019 Agenda 1. Phishing

The Art of Phishing : What you should know Arvind Vishwakarma 05/24/2019 Agenda 1. Phishing In a Nutshell 2. Phishing Types &amp; Techniques 3. Phishing Stats &amp; Modern Trends 4. Case-Study 5. Stay Safe 2 Speaker ABOUT ME

478 views • 24 slides
Phishing Email Detection Info courtesy of www.itgovernance.co.uk 1 Message sent from a public

Phishing Email Detection Info courtesy of www.itgovernance.co.uk 1 Message sent from a public

Phishing Email Detection Info courtesy of www.itgovernance.co.uk 1 Message sent from a public email domain No legitimate organization will contact you from an email address that ends in @ gmail.com . 2 3 Domain names are

470 views • 16 slides
Phishing Fishing or Phishing? Definition Phishing: an attempt to trick victims into sharing

Phishing Fishing or Phishing? Definition Phishing: an attempt to trick victims into sharing

Phishing Fishing or Phishing? Definition Phishing: an attempt to trick victims into sharing sensitive information such as passwords, usernames, and credit card details for malicious reasons. Phishing can be in the form of emails, social

530 views • 20 slides
Retreat IT Presentation Rick OToole Phishing Awareness What is Phishing? Phishing is the

Retreat IT Presentation Rick OToole Phishing Awareness What is Phishing? Phishing is the

School of Fin ine Arts Retreat IT Presentation Rick OToole Phishing Awareness What is Phishing? Phishing is the attempt to obtain personal information such as passwords and logins for malicious purposes. By appearing to be legitimate the

255 views • 13 slides
1 Logic for Reasoning about Truth: Outline Where Should We Start? Prereqs, Learning Goals,

1 Logic for Reasoning about Truth: Outline Where Should We Start? Prereqs, Learning Goals,

snick Introductions, again snack Steven Wolfman &lt;wolf@cs.ubc.ca&gt; CPSC 121: Models of Computation ICICS 239; office hours listed on the website 2016W2 I also have an open door policy: If my door is open, come in and talk!

623 views • 5 slides
Embedded Management Interfaces e t u p m Emerging Massive Insecurity o C d r o f

Embedded Management Interfaces e t u p m Emerging Massive Insecurity o C d r o f

b a L y t i r u c e S r Embedded Management Interfaces e t u p m Emerging Massive Insecurity o C d r o f Hristo Bojinov Elie Bursztein Dan Boneh n a Stanford Computer Security Lab t S Thursday, July 30, 2009

1.86k views • 160 slides
Ethics in the age of Informatics, Big Data and AI Professor dr. May Thorseth, Dept. of Philosophy

Ethics in the age of Informatics, Big Data and AI Professor dr. May Thorseth, Dept. of Philosophy

Ethics in the age of Informatics, Big Data and AI Professor dr. May Thorseth, Dept. of Philosophy and Religious Studies, NTNU Director of Programme for Applied Ethics, NTNU Email: may.thorseth@ntnu.no Informatics Europe 2018 Chalmers 9

581 views • 28 slides
Finding Third - party Risks Fourteenforty Research Institute, Inc.

Finding Third - party Risks Fourteenforty Research Institute, Inc.

Fourteenforty Research Institute, Inc. Kyoto, 2012 FIRST Technical Colloquium Sma martphone tphone Securi ecurity ty and Finding Third - party Risks Fourteenforty Research Institute, Inc. http://www.fourteenforty.jp Tsukasa Oi

644 views • 36 slides
Black Holes (Sec. 22.5, 6, 7, 8 in textbook) 22.5 Black Holes The mass of a neutron star cannot

Black Holes (Sec. 22.5, 6, 7, 8 in textbook) 22.5 Black Holes The mass of a neutron star cannot

Black Holes (Sec. 22.5, 6, 7, 8 in textbook) 22.5 Black Holes The mass of a neutron star cannot exceed about 3 solar masses. If a core remnant is more massive than that, nothing will stop its collapse, and it will become smaller and smaller and

609 views • 14 slides
Primordial Black Holes in Cosmology Lectures 1 &amp; 2 : What are PBHs? Do they exist? Massimo

Primordial Black Holes in Cosmology Lectures 1 &amp; 2 : What are PBHs? Do they exist? Massimo

Primordial Black Holes in Cosmology Lectures 1 &amp; 2 : What are PBHs? Do they exist? Massimo Ricotti (University of Maryland, USA) Institute of Cosmos Sciences, University of Barcelona 23/10/2017 What are Primordial Black Holes? May have

749 views • 34 slides
Black holes in higher dimensions U. Sperhake CSIC-IEEC Barcelona DAMTP , Camrbidge University

Black holes in higher dimensions U. Sperhake CSIC-IEEC Barcelona DAMTP , Camrbidge University

Black holes in higher dimensions U. Sperhake CSIC-IEEC Barcelona DAMTP , Camrbidge University SFB/TR7 Semi Annual Meeting, Garching 17 nd October 2012 U. Sperhake (CSIC-IEEC, DAMTP Cambridge) Black holes in higher dimensions 17/10/2012 1 /

537 views • 42 slides
Black hole interiors, state dependence, and modular inclusions 1811.08900 Ro Jefferson Gravity,

Black hole interiors, state dependence, and modular inclusions 1811.08900 Ro Jefferson Gravity,

Black hole interiors, state dependence, and modular inclusions 1811.08900 Ro Jefferson Gravity, Quantum Fields &amp; Information Albert Einstein Institute www.aei.mpg.de/GQFI It from Qubit, YITP Kyoto May 31st, 2019 Mirror operators as

390 views • 13 slides

More recommend