Wilson Huang - A Macro-Level Analysis of Internet Phishing
A Macro-Level Analysis of Internet Phishing
Presented by Wilson Huang, Valdosta State University
Phishing Scams
• “Phish” originally referred to a hacked ISP account, which
could be traded between hackers.
• “Phishing” is conceptually analogous to the fraudulent
use of online communications as hooks to “fish” with
bait for account usernames and passwords in the
sea of Internet users.
• Phishing attacks involve deceptive e-mails and
websites imitating well-known legitimate businesses, designed to
entice Internet users into disclosing their confidential
data.
Steps in Phishing Operations
Step One: Spamming e-mails with institutional
affiliation and bait
• Sample phishing e-mail
EBAY SENT THIS MESSAGE TO PAUL MAINWARING (0114KAY1969).
Your registered name is included to help confirm this message originated from eBay.
Learn more.
EBAY NEW UNPAID ITEM MESSAGE FROM 0114KAY1969
: #281008991765-- RESPONSE REQUIRED
Dear member,
eBay member 0114kay1969 has left you a
message regarding item #281008991765
VIEW THE DISPUTE THREAD TO RESPOND.
https://www.ebay.com/support
Regards,
Step Two: Web site spoofing
1. Use logos, layout, pop-ups to mimic company
2. to superimpose address bar
3. Using other visual aids,
e.g., VeriSign, TRUST-e, Security padlock
Security area
Step Three: Technical tricks
• to match properties or disable right-click
• using onMouseOver to show the status bar but hide the phishing link
https://www.paypal.com/webapps/mpp/make-online-payments
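A defensive check for the tricks listed under Step Three, as an added example that is not part of the original slides: it scans HTML (for instance an e-mail body) for links that overwrite the status bar through onMouseOver, links whose visible URL names a different host than the href, and elements that disable right-click. The sample markup, the rule names and the host phish.example are constructed for illustration.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlparse

STATUS_WRITE = re.compile(r"\bstatus\s*=", re.I)   # e.g. window.status='...'
HOST_IN_TEXT = re.compile(r"\b((?:[a-z0-9-]+\.)+[a-z]{2,})\b", re.I)

class LinkAuditor(HTMLParser):
    """Collects (rule, detail) findings for the tricks named on the slides."""
    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.findings = []
        self._href = None    # href of the <a> currently open, if any
        self._text = []      # visible text collected inside that <a>

    def handle_starttag(self, tag, attrs):
        attrs = {k: v or "" for k, v in attrs}
        if "return false" in attrs.get("oncontextmenu", "").lower():
            self.findings.append(("right-click-disabled", tag))
        if tag == "a":
            self._href, self._text = attrs.get("href", ""), []
            if STATUS_WRITE.search(attrs.get("onmouseover", "")):
                self.findings.append(("status-bar-override", self._href))

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag != "a" or self._href is None:
            return
        real = (urlparse(self._href).hostname or "").lower()
        shown = HOST_IN_TEXT.search("".join(self._text))
        # Flag links whose displayed host differs from the real destination.
        if shown and real and shown.group(1).lower() != real:
            self.findings.append(("text-href-mismatch", f"{shown.group(1)} -> {real}"))
        self._href = None

def audit(html):
    parser = LinkAuditor()
    parser.feed(html)
    parser.close()
    return parser.findings

# Constructed sample; phish.example is a reserved placeholder host.
SAMPLE = """<body oncontextmenu="return false">
<a href="http://phish.example/login"
   onmouseover="window.status='https://www.paypal.com/'; return true">
   https://www.paypal.com/webapps/mpp/make-online-payments</a>
<a href="https://www.ebay.com/support">https://www.ebay.com/support</a>
</body>"""
```

Calling audit(SAMPLE) returns one finding per rule for the first link and the body tag, and nothing for the second link, whose visible host matches its href.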
Purpose of the Current Study
- to examine whether phishing attacks are
correlated with technological and social
characteristics across nations
Theoretical Perspective of the Study
Social System
Social-Technical Gap
Technical System
Sources: Ackerman (2000), Whitworth (2003, 2006)
Hypothesis: The more technologically advanced a society becomes,
the fewer the opportunities for cybercrime to occur.
Methods and Variables
A. Unit of Analysis
aggregated data across more than 150 countries
B. Data and Variables
1. Anti-Phishing Working Group semi-annual reports, 2008-2010
Mean score of phishing attacks
Mean score of phishing domains
2. World Bank data series
Sociological/Economic/Health indicators
Fixed broadband Internet subscribers per 100 people
3. International Telecommunication Union annual reports
Percentage of individuals using the Internet
Percentage of households with Internet access at home
Internet Broadband speed in megabits
Descriptive statistics of key variables
Variable                                         N     Mean    Std. Deviation
Mean Score of Phishing Attacks                   135   11.29   20.82
Mean Score of Phishing Domains                   135    6.67   11.73
Broadband Internet Subscribers Per 100 People    149   10.58   12.72
Percent of Internet Users                        148   37.96   27.72
Percent of Households with Internet Access       137   33.00   29.90
Internet Broadband Speed in Megabits             142    1.89    3.66
Analysis and Results
A. Creation of technical system scores
- Factor analysis and reliability analysis
Table 1: Reliability of the technical system items
Cronbach's Alpha    Cronbach's Alpha Based on Standardized Items    N of Items
.829                .906                                            4
B. Correlation Analysis
Table 2: Correlations between phishing measures and technical system score
                                                      Mean Score of      Mean Score of      Technical
                                                      Phishing Attacks   Phishing Domains   System Score
Mean Score of Phishing Attacks   Pearson Correlation  1                  .848**             -.280**
                                 Sig. (2-tailed)                         .000               .003
                                 N                    135                135                112
Mean Score of Phishing Domains   Pearson Correlation  .848**             1                  -.381**
                                 Sig. (2-tailed)      .000                                  .000
                                 N                    135                135                112
Technical System Score           Pearson Correlation  -.280**            -.381**            1
                                 Sig. (2-tailed)      .003               .000
                                 N                    112                112                127
**. Correlation is significant at the 0.01 level (2-tailed).
Table 3: Correlations between phishing measures and social indicators
                                                                   Mean Score of Phishing Attacks   Mean Score of Phishing Domains
Social indicator                                                   Correlation   Sig.   N           Correlation   Sig.   N
GDP per capita (constant 2000 US$)                                 -.239**       .008   124         -.267**       .003   124
Consumer price index (2005 = 100)                                  .123          .182   120         .203*         .026   120
Labor force, female (% of total labor force)                       .048          .602   120         .102          .269   120
Labor participation rate, total (% of total population ages 15+)   .082          .375   120         .169          .065   120
Net Migration                                                      -.090         .324   122         -.113         .217   122
Population aged 15-64                                              -.183*        .044   122         -.284**       .002   122
Health Expenditure per capita                                      -.238**       .007   128         -.250**       .004   128
Infant Mortality                                                   .161          .068   130         .280**        .001   130
Percent Urban                                                      -.381**       .000   135         -.376**       .000   135
**. Correlation is significant at the 0.01 level (2-tailed).
*. Correlation is significant at the 0.05 level (2-tailed).
C. Regression Analysis
Table 4: Regressions on phishing domain scores
                                                                   Unstandardized Coefficients
Factors used in regression                                         B            Std. Error   t        Sig.
(Constant)                                                         3.909        14.263       .274     .785
Technical System Score                                             -3.441       1.635        -2.105   .039
Gross national expenditure (constant 2000 US$)                     -3.841E013   .000         -.749    .456
Consumer price index (2005 = 100)                                  -.096        .036         -2.625   .011
GDP per capita (constant 2000 US$)                                 .000         .000         .900     .371
Labor force, female (% of total labor force)                       .204         .143         1.429    .157
Labor participation rate, total (% of total population ages 15+)   -.093        .099         -.935    .353
Net Migration                                                      6.476E008    .000         .071     .943
Population aged 15-64                                              .204         .174         1.173    .245
Health Expenditure per capita                                      .000         .001         -.462    .645
Infant Mortality                                                   .092         .059         1.556    .124
Percent Urbanization                                               -.069        .042         -1.641   .105
Table 5: Regressions on phishing attack scores
                                                                   Unstandardized Coefficients
Factors used in regression                                         B            Std. Error   t        Sig.
(Constant)                                                         9.899        17.968       .551     .583
Technical System Score                                             -3.780       2.059        -1.836   .071
Gross national expenditure (constant 2000 US$)                     -5.124E013   .000         -.793    .430
Consumer price index (2005 = 100)                                  -.099        .046         -2.145   .035
GDP per capita (constant 2000 US$)                                 .000         .000         .657     .513
Labor force, female (% of total labor force)                       .117         .180         .648     .519
Labor participation rate, total (% of total population ages 15+)   -.061        .125         -.483    .631
Net Migration                                                      2.797E007    .000         .245     .807
Population aged 15-64                                              .222         .219         1.011    .315
Health Expenditure per capita                                      .000         .001         -.414    .680
Infant Mortality                                                   .059         .074         .789     .433
Percent Urbanization                                               -.107        .053         -2.007   .049
Future Research
Assessing mitigation efforts via phishing live time
Source: Anti-Phishing Working Group
Future Research
Examining spam volumes and their correlation
with phishing attacks
Countries labelled in the figure: Russian Federation, India, Vietnam, Republic of Korea/Indonesia
Source: Cisco Annual Security Report
Conclusion
Given that cybercrime attacks in the social-technical gap are unavoidable, more
research and crime prevention efforts can
focus on the impacts of progressing
technologies on emerging crimes involving
human interactions.