Getting users to click : a content analysis of phishers’ tactics and techniques in mobile instant messaging phishing
Ahmad, Rufai and Terzis, Sotirios and Renaud, Karen (2024) Getting users to click : a content analysis of phishers’ tactics and techniques in mobile instant messaging phishing. Information and Computer Security, 32 (4). pp. 420-435. ISSN 2056-4961 (https://doi.org/10.1108/ICS-11-2023-0206)
Text. Filename: Accepted_Version.pdf
Accepted Author Manuscript (832kB)
Abstract
Purpose: This study aims to investigate how phishers apply persuasion principles and construct deceptive URLs in mobile instant messaging (MIM) phishing.

Design/methodology/approach: In total, 67 examples of real-world MIM phishing attacks were collected from various online sources. Each example was coded using established guidelines from the literature to identify the persuasion principles and the URL construction techniques employed.

Findings: The principles of social proof, liking and authority were the most widely used in MIM phishing, followed by scarcity and reciprocity. Most phishing examples use three persuasion principles, often a combination of authority, liking and social proof. In contrast to email phishing but similar to vishing, the social proof principle was the most commonly used in MIM phishing. Phishers implement the social proof principle in different ways, most commonly by claiming that other users have already acted (e.g. crafting messages that indicate the sender has already benefited from the scam). In contrast to email, retail and fintech companies are the most commonly targeted in MIM phishing. Furthermore, phishers created deceptive URLs using multiple URL obfuscation techniques, often using spoofed domains, to make the URL complex by adding random characters and using homoglyphs.

Originality/value: The insights from this study provide a theoretical foundation for future research on the psychological aspects of phishing in MIM apps. The study provides recommendations that software developers should consider when developing automated anti-phishing solutions for MIM apps and proposes a set of MIM phishing awareness training tips.
ORCID iDs
Ahmad, Rufai; Terzis, Sotirios (ORCID: https://orcid.org/0000-0002-5061-9923); Renaud, Karen (ORCID: https://orcid.org/0000-0002-7187-6531)
Item type: Article
ID code: 88978
Dates:
  25 September 2024: Published
  31 January 2024: Published Online
  1 January 2024: Accepted
Subjects: Science > Mathematics > Electronic computers. Computer science
Department: Faculty of Science > Computer and Information Sciences
Depositing user: Pure Administrator
Date deposited: 25 Apr 2024 12:52
Last modified: 27 Nov 2024 01:25
URI: https://strathprints.strath.ac.uk/id/eprint/88978