Phishing During and After Disaster: Hurricane Harvey

Abstract

Hurricane Harvey was a major disaster that struck Texas in August 2017. We wondered whether such disasters are being exploited by phishers, as phishing is one of the most popular attacks. In October 2017, we surveyed the University of Houston population to study their experiences and behavior during/after the storm. Over 300 responses were received. This paper discusses our study design and the results from that survey. Results show that the storm did cause about 6.3% of the participants to change their behavior, i.e., they clicked on links or downloaded attachments they normally would NOT have. An analysis using the symmetric Jensen-Shannon divergence shows that the increased email volume and the timing of arrival or non-arrival of hurricane-related spam had the biggest impacts.