发布求助
文献互助 智能选刊 最新文献

2020 APWG Symposium on Electronic Crime Research (eCrime)最新文献

筛选
英文 中文
Empirical Analysis of Losses from Business-Email Compromise 企业电子邮件泄露造成的损失实证分析
2020 APWG Symposium on Electronic Crime Research (eCrime) Pub Date : 2020-11-16 DOI: 10.1109/eCrime51433.2020.9493250
Geoffrey Simpson, T. Moore
{"title":"Empirical Analysis of Losses from Business-Email Compromise","authors":"Geoffrey Simpson, T. Moore","doi":"10.1109/eCrime51433.2020.9493250","DOIUrl":"https://doi.org/10.1109/eCrime51433.2020.9493250","url":null,"abstract":"We examine approximately nine months of data on losses from business email compromise (BEC) reported to the FBI’s Internet Crime Complaint Center in 2017. We describe the empirically observed loss distribution. We study differences in the amounts attempted stolen when the attacks were successful or not. We show that money stolen and transmitted internationally is less likely to be recovered. We also find, somewhat surprisingly, that illicit transfers to in-state banks are also more likely to succeed. Finally, we study state-level differences among BEC target selection and asset recovery.","PeriodicalId":103272,"journal":{"name":"2020 APWG Symposium on Electronic Crime Research (eCrime)","volume":"10 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2020-11-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"117087631","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 2
SemanticPhish: A Semantic-based Scanning System for Early Detection of Phishing Attacks 语义网络钓鱼:一种基于语义的网络钓鱼攻击早期检测系统
2020 APWG Symposium on Electronic Crime Research (eCrime) Pub Date : 2020-11-16 DOI: 10.1109/eCrime51433.2020.9493252
Q. Cui, Guy-Vincent Jourdan, G. Bochmann, Iosif-Viorel Onut
{"title":"SemanticPhish: A Semantic-based Scanning System for Early Detection of Phishing Attacks","authors":"Q. Cui, Guy-Vincent Jourdan, G. Bochmann, Iosif-Viorel Onut","doi":"10.1109/eCrime51433.2020.9493252","DOIUrl":"https://doi.org/10.1109/eCrime51433.2020.9493252","url":null,"abstract":"In the fight against phishing attacks, time is of the essence. Each individual attack is usually short-lived, but many people are still victimized during that short timeframe. To curb the problem, one way is to detect the attack shortly after the site is deployed, before victims have a chance to access it. Monitoring every new URL on the internet clearly is not a practical option, but monitoring sites that have a good chance of hosting an attack can be done. One of the ways to spot such a site is to monitor domain names. It is known that a growing number of phishing attacks are hosted by the attacker [1], [2], using their own domain names. Therefore, domain names might help spotting likely attacks. In this paper, we look at the following questions: can we currently tell apart domain names used in phishing attacks from other domains? If so, can we train a system to automatically detect these domains? And can such a system find attacks before they are being reported by victims? We show that the semantic of the words used by many phishing domains is different from the semantic of the words used by benign domain names, and that we can train a classifier to reliably flag these domains. We propose a system, SemanticPhish, which efficiently monitors these domains and is able to detect many phishing attacks without requiring the attack to be reported first. SemanticPhish can find attacks several days before Google’s “safe browsing” starts flagging them.","PeriodicalId":103272,"journal":{"name":"2020 APWG Symposium on Electronic Crime Research (eCrime)","volume":"30 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2020-11-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"126575321","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 2
Resource Networks of Pet Scam Websites 宠物诈骗网站的资源网络
2020 APWG Symposium on Electronic Crime Research (eCrime) Pub Date : 2020-08-22 DOI: 10.1109/eCrime51433.2020.9493253
Benjamin Price, Matthew Edwards
{"title":"Resource Networks of Pet Scam Websites","authors":"Benjamin Price, Matthew Edwards","doi":"10.1109/eCrime51433.2020.9493253","DOIUrl":"https://doi.org/10.1109/eCrime51433.2020.9493253","url":null,"abstract":"The pet scam is a form of online fraud in which scammers leverage victims’ emotional attachment to fictitious pets as a means for extorting money. Both fraudulent pet seller sites and fraudulent delivery sites are involved in the scam. When sites of either kind are taken down, scammers create new sites, often reusing effective content from previous scams.We explore connections within the largest current collection of pet scam websites, examining four distinct types of resource sharing that are indicative of shared authorship. We find that 90% of all accessible sites share at least one form of connection to another known site, including many identifiable links between seller and delivery sites, and that some scam authors could be behind hundreds of individual scam websites. We partially validate our linkage methods using domain registration data, and discuss the implications of using different connection types to analyse online fraud more generally.","PeriodicalId":103272,"journal":{"name":"2020 APWG Symposium on Electronic Crime Research (eCrime)","volume":"7 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2020-08-22","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"129066530","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 3
Don’t Fish in Troubled Waters! Characterizing Coronavirus-themed Cryptocurrency Scams 不要浑水摸鱼!描述以冠状病毒为主题的加密货币骗局
2020 APWG Symposium on Electronic Crime Research (eCrime) Pub Date : 2020-07-27 DOI: 10.1109/eCrime51433.2020.9493255
Pengcheng Xia, Haoyu Wang, Xiapu Luo, Lei Wu, Yajin Zhou, Guangdong Bai, Guoai Xu, Gang Huang, Xuanzhe Liu
{"title":"Don’t Fish in Troubled Waters! Characterizing Coronavirus-themed Cryptocurrency Scams","authors":"Pengcheng Xia, Haoyu Wang, Xiapu Luo, Lei Wu, Yajin Zhou, Guangdong Bai, Guoai Xu, Gang Huang, Xuanzhe Liu","doi":"10.1109/eCrime51433.2020.9493255","DOIUrl":"https://doi.org/10.1109/eCrime51433.2020.9493255","url":null,"abstract":"As COVID-19 has been spreading across the world since early 2020, a growing number of malicious campaigns are capitalizing the topic of COVID-19. COVID-19 themed cryptocurrency scams are increasingly popular during the pandemic. However, these newly emerging scams are poorly understood by our community. In this paper, we present the first measurement study of COVID-19 themed cryptocurrency scams. We first create a comprehensive taxonomy of COVID-19 scams by manually analyzing the existing scams reported by users from online resources. Then, we propose a hybrid approach to perform the investigation by: 1) collecting reported scams in the wild; and 2) detecting undisclosed ones based on information collected from suspicious entities (e.g., domains, tweets, etc). We have collected 195 confirmed COVID-19 cryptocurrency scams in total, including 91 token scams, 19 giveaway scams, 9 blackmail scams, 14 crypto malware scams, 9 Ponzi scheme scams, and 53 donation scams. We then identified over 200 blockchain addresses associated with these scams, which lead to at least 330K US dollars in losses from 6,329 victims. For each type of scams, we further investigated the tricks and social engineering techniques they used. To facilitate future research, we have released all the well-labelled scams to the research community.","PeriodicalId":103272,"journal":{"name":"2020 APWG Symposium on Electronic Crime Research (eCrime)","volume":"22 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2020-07-27","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"127792734","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 26
首页 上一页
0
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
请完成安全验证×
相关产品
×
本文献相关产品
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信