An official website of the United States government
In 2022, the Anti-Phishing Working Group reported a 70% increase in SMS and voice phishing attacks. Hard data on SMS phishing is hard to come by, as are insights into how SMS phishers operate. Lack of visibility prevents law enforcement, regulators, providers, and researchers from understanding and confronting this growing problem. In this paper, we present the results of extracting phishing messages from over 200 million SMS messages posted over several years on 11 public SMS gateways on the web. From this dataset we identify 67,991 phishing messages, link them together into 35,128 campaigns based on sharing near-identical content, then identify related campaigns that share infrastructure to identify over 600 distinct SMS phishing operations. This expansive vantage point enables us to determine that SMS phishers use commodity cloud and web infrastructure in addition to self-hosted URL shorteners, their infrastructure is often visible days or weeks on certificate transparency logs earlier than their messages, and they reuse existing phishing kits from other phishing modalities. We are also the first to examine in-place network defenses and identify the public forums where abuse facilitators advertise openly. These methods and findings provide industry and researchers new directions to explore to combat the growing problem of SMS phishing.
more »
« less
Phishing Attack Awareness
Phishing Attacks, cybercrime in which a target(s) is contacted by someone posing as a legitimate institution to lure individuals into providing sensitive data. The problem at stake is most people who use smartphones, tablets, and computers do not know how to protect themselves from phishing attacks, making themselves susceptible to data theft. This paper will use research of phishing attack types, what makes those more vulnerable to phishing attacks, and how to detect and report them. Additionally, I will interview a Department of Homeland Security employee working in cybersecurity as they have an insightful perspective on the problem. I will combine my research and in-person interview to conduct a literary search on the best methods to prevent and avoid phishing attacks for the average technology user to practice, especially children. This will give a valuable solution to the problem, decreasing the rate at which phishing attacks are successful.
more »
« less
- Award ID(s):
- 1754054
- PAR ID:
- 10344955
- Date Published:
- Journal Name:
- ADMI 2022:The Symposium of Computing at Minority Institutions
- Format(s):
- Medium: X
- Sponsoring Org:
- National Science Foundation
More Like this
-
-
The advanced capabilities of Large Language Models (LLMs) have made them invaluable across various applications, from conversational agents and content creation to data analysis, research, and innovation. However, their effectiveness and accessibility also render them susceptible to abuse for generating malicious content, including phishing attacks. This study explores the potential of using four popular commercially available LLMs, i.e., ChatGPT (GPT 3.5 Turbo), GPT 4, Claude, and Bard, to generate functional phishing attacks using a series of malicious prompts. We discover that these LLMs can generate both phishing websites and emails that can convincingly imitate well-known brands and also deploy a range of evasive tactics that are used to elude detection mechanisms employed by anti-phishing systems. These attacks can be generated using unmodified or "vanilla" versions of these LLMs without requiring any prior adversarial exploits such as jailbreaking. We evaluate the performance of the LLMs towards generating these attacks and find that they can also be utilized to create malicious prompts that, in turn, can be fed back to the model to generate phishing scams - thus massively reducing the prompt-engineering effort required by attackers to scale these threats. As a countermeasure, we build a BERT-based automated detection tool that can be used for the early detection of malicious prompts to prevent LLMs from generating phishing content. Our model is transferable across all four commercial LLMs, attaining an average accuracy of 96% for phishing website prompts and 94% for phishing email prompts. We also disclose the vulnerabilities to the concerned LLMs, with Google acknowledging it as a severe issue. Our detection model is available for use at Hugging Face, as well as a ChatGPT Actions plugin.more » « less
-
null (Ed.)"Abstract—The need for increasing diversity in engineering has paved the road for a rich wealth of literature exploring the experiences of marginalized students in these spaces. Much of this literature utilizes qualitative methodology to understand the experiences of these students, as told through their own words. However, work of this nature can often be influenced by the implicit biases that the researcher carries, as well as the inherent misalignment of power present between researcher and participant. These misalignments may be exacerbated when the researcher is interviewing a marginalized participant, while not identifying as part of a marginalized identity themselves. Students within the LGBTQ+ community may reside at multiple marginalized identities, and as such, the issues surrounding interviewing marginalized identities can be compounded further. Even the most well-intentioned and experienced researcher may find themselves in an interview with a marginalized individual in which implicit biases and unspoken power structures alter the trajectory of the interview. This paper seeks to provide an auto- ethnographic reflection by the first author on the interview of a transgender research participant, while simultaneously providing an opportunity to identify ways in which her interview could have been methodologically improved. This will be accomplished by the first author’s analysis of the interview and meta-data. This analysis is valuable, as the first author identifies as a member of the LGBTQ+ engineering community herself."more » « less
-
This methods paper presents the interview quality reflection tool (IQRT) to evaluate the quality of qualitative research interviews. Qualitative researchers commonly use semi-structured interviews that rely on the interviewers’ ability to improvise in real time based on the needs of the study. Given that interviewing involves numerous tacit skills that cannot be delineated by a simple written protocol, it is necessary that researchers develop interview competencies through practice and reflection. While prior literature on interviewing has often focused on developing interview protocols, we know little about how interviewers themselves may be trained to gather high-quality data. In this paper, we focus on how the IQRT may be used to guide the self-assessment of research interviews. We discuss how interviews are used in engineering education, how we developed and applied the IQRT, and how lessons learned through using this tool might lead to improved interviewing skills through careful examination of interview structure, content, and context within the mentoring process.more » « less
-
null (Ed.)Email remains one of the most widely used methods of communication globally. However, successful phishing email attacks and subsequent costs remain unreasonably high despite technical advances in defenses that limit phishing scams. In this paper, we examine human detection of phishing. We found that non-experts go through four different sensemaking processes to determine if an email is a phishing message; they use different knowledge and skills to become suspicious differently in each process. Additionally, non-experts rely on their social connections as an investigative tool to determine if an email is a phishing scam. We discuss the impact of our findings on phishing training and technology.more » « less
- Free Publicly Accessible Full Text
-
Accepted Manuscript1.0
- Conference Paper:
- The DOI is not currently available.
