{"title":"Scamming higher ed: An analysis of phishing content and trends","authors":"Ethan Morrow","doi":"10.1016/j.chb.2024.108274","DOIUrl":null,"url":null,"abstract":"<div><p>Universities are frequent targets of cyberattacks. This investigation seeks to explore common phishing techniques targeting institutions of higher education. This study analyzes the content and message features of a sample of 2300 emails from 2010 to 2023 collected from Cornell's Phish Bowl, including topics, persuasive appeals, emotional appeals, and spelling errors. Using analyses of association and text mining, the work maps out changes in phishing trends over time. One major finding is that security-focused phish have been replaced by those attempting to reflect routine university life, such as job offer scams. Additionally, this study identifies authority and scarcity as common persuasive appeals in phishing attempts and demonstrates a decrease in spelling errors over time. These findings have practical implications for cybersecurity training and awareness. They may also guide future work seeking to determine user susceptibility to phishing by providing insight into frequent attacks.</p></div>","PeriodicalId":48471,"journal":{"name":"Computers in Human Behavior","volume":null,"pages":null},"PeriodicalIF":9.0000,"publicationDate":"2024-04-25","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://www.sciencedirect.com/science/article/pii/S0747563224001420/pdfft?md5=90f5c7925ab0106eb164c224727f9a4c&pid=1-s2.0-S0747563224001420-main.pdf","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Computers in Human Behavior","FirstCategoryId":"102","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S0747563224001420","RegionNum":1,"RegionCategory":"心理学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"PSYCHOLOGY, EXPERIMENTAL","Score":null,"Total":0}
引用次数: 0
Abstract
Universities are frequent targets of cyberattacks. This investigation seeks to explore common phishing techniques targeting institutions of higher education. This study analyzes the content and message features of a sample of 2300 emails from 2010 to 2023 collected from Cornell's Phish Bowl, including topics, persuasive appeals, emotional appeals, and spelling errors. Using analyses of association and text mining, the work maps out changes in phishing trends over time. One major finding is that security-focused phish have been replaced by those attempting to reflect routine university life, such as job offer scams. Additionally, this study identifies authority and scarcity as common persuasive appeals in phishing attempts and demonstrates a decrease in spelling errors over time. These findings have practical implications for cybersecurity training and awareness. They may also guide future work seeking to determine user susceptibility to phishing by providing insight into frequent attacks.
期刊介绍:
Computers in Human Behavior is a scholarly journal that explores the psychological aspects of computer use. It covers original theoretical works, research reports, literature reviews, and software and book reviews. The journal examines both the use of computers in psychology, psychiatry, and related fields, and the psychological impact of computer use on individuals, groups, and society. Articles discuss topics such as professional practice, training, research, human development, learning, cognition, personality, and social interactions. It focuses on human interactions with computers, considering the computer as a medium through which human behaviors are shaped and expressed. Professionals interested in the psychological aspects of computer use will find this journal valuable, even with limited knowledge of computers.