Phi.sh/$oCiaL
- 1 September 2011
- conference paper
- conference paper
- Published by Association for Computing Machinery (ACM)
Abstract
Size, accessibility, and rate of growth of Online Social Media (OSM) has attracted cyber crimes through them. One form of cyber crime that has been increasing steadily is phishing, where the goal (for the phishers) is to steal personal information from users which can be used for fraudulent purposes. Although the research community and industry has been developing techniques to identify phishing attacks through emails and instant messaging (IM), there is very little research done, that provides a deeper understanding of phishing in online social media. Due to constraints of limited text space in social systems like Twitter, phishers have begun to use URL shortener services. In this study, we provide an overview of phishing attacks for this new scenario. One of our main conclusions is that phishers are using URL shorteners not only for reducing space but also to hide their identity. We observe that social media websites like Facebook, Habbo, Orkut are competing with e-commerce services like PayPal, eBay in terms of traffic and focus of phishers. Orkut, Habbo, and Facebook are amongst the top 5 brands targeted by phishers. We study the referrals from Twitter to understand the evolving phishing strategy. A staggering 89% of references from Twitter (users) are inorganic accounts which are sparsely connected amongst themselves, but have large number of followers and followees. We observe that most of the phishing tweets spread by extensive use of attractive words and multiple hashtags. To the best of our knowledge, this is the first study to connect the phishing landscape using blacklisted phishing URLs from PhishTank, URL statistics from bit.ly and cues from Twitter to track the impact of phishing in online social media.Keywords
This publication has 18 references indexed in Scilit:
- Information credibility on twitterPublished by Association for Computing Machinery (ACM) ,2011
- SMSAssassinPublished by Association for Computing Machinery (ACM) ,2011
- Uncovering social spammersPublished by Association for Computing Machinery (ACM) ,2010
- What is Twitter, a social network or a news media?Published by Association for Computing Machinery (ACM) ,2010
- Evaluating the Wisdom of Crowds in Assessing Phishing WebsitesLecture Notes in Computer Science, 2008
- Learning to detect phishing emailsPublished by Association for Computing Machinery (ACM) ,2007
- CantinaPublished by Association for Computing Machinery (ACM) ,2007
- Why phishing worksPublished by Association for Computing Machinery (ACM) ,2006
- Phoolproof Phishing PreventionLecture Notes in Computer Science, 2006
- The battle against phishingPublished by Association for Computing Machinery (ACM) ,2005