Phishing Evolves: Analyzing the Enduring Cybercrime

Ghazi-Tehrani, Adam Kavon; Pontell, Henry N.

doi:10.1080/15564886.2020.1829224

Phishing Evolves: Analyzing the Enduring Cybercrime

Phishing, the fraudulent attempt to obtain sensitive information by disguising oneself as a trustworthy entity via electronic communication, has quickly evolved beyond low-skill schemes that relied on casting “a wide net.” Spear phishing attacks target a particular high-value individual utilizing so...

Descripción completa

Guardado en:

Detalles Bibliográficos
Autor principal:	Ghazi-Tehrani, Adam Kavon (Autor)
Otros Autores:	Pontell, Henry N.
Tipo de documento:	Electrónico Artículo
Lenguaje:	Inglés
Publicado:	2021
En:	Victims & offenders Año: 2021, Volumen: 16, Número: 3, Páginas: 316-342
Acceso en línea:	Volltext (Resolving-System) Volltext (Verlag)
Journals Online & Print:	Gargar...
Verificar disponibilidad:	HBZ Gateway
Palabras clave:	Routine Activities Technology Theories Victimization

Descripción
Sumario:	Phishing, the fraudulent attempt to obtain sensitive information by disguising oneself as a trustworthy entity via electronic communication, has quickly evolved beyond low-skill schemes that relied on casting “a wide net.” Spear phishing attacks target a particular high-value individual utilizing sophisticated techniques. This study aims to describe the current state of phishing, the expected technological advances and developments of the near future, and the best prevention and enforcement strategies. Data comes from interviews with approximately 60 information technology security professionals, “hackers,” and academic researchers. Routine Activity Theory provided an operational framework; while it is an imperfect fit for most crimes, it provides enough explanatory power for cyber-crimes. Interviewees mainly agreed: First, technological advances increase the proliferation of phishing attacks, but also aid in their detection. It has never been easier to conduct a simple attack, but a good attack requires more effort than ever before. Second, phishing is directly responsible financial fraud and, indirectly, as the primary attack vector for ransomware. Third, newer types of attacks utilizing technology, like deepfakes, will make the problem worse in the short-term. Fourth, prevention will come from machine learning and public education akin to WIFI security improvement via the combination of encryption and password awareness.
ISSN:	1556-4991
DOI:	10.1080/15564886.2020.1829224