Evaluating the Effectiveness of Phishing Reports on Twitter

Roy, Sayak Saha; Karanjit, Unique; Nilizadeh, Shirin

doi:10.1109/ecrime54498.2021.9738786

Cited by 9 publications

(10 citation statements)

References 39 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…For example, a recent study showed that 25% of vulnerabilities appear on social media before the National Vulnerability Database (Brettman 2020), and as a result, numerous threat intelligence tools, such as Spider-Foot (spi 2021) and IntelMQ (Int 2021), started collecting intelligence from social media platforms. Another recent study showed that Twitter phishing reports provide detailed information about phishing threats and include more sophisticated phishing threats that remain undetected by anti-phishing tools (Roy, Karanjit, and Nilizadeh 2021a). However, we argue that such tools are vulnerable to poisoning attacks because social media posts (1) can be posted by an adversary and (2) are weakly monitored, as detecting and removing such misinformation is currently not the priority of social media platforms.…”

Section: Introductionmentioning

confidence: 86%

“…Phishing is a type of social engineering attack through which attackers try to trick victims into disclosing their private and sensitive information (Dhamija, Tygar, and Hearst 2006). To inform other users, some social media users share reports of phishing websites (Roy, Karanjit, and Nilizadeh 2021a). However, false phishing reports can also circulate on these platforms.…”

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

Cybersecurity Misinformation Detection on Social Media: Case Studies on Phishing Reports and Zoom’s Threat

Singhal

Nihal

Kinhekar

et al. 2023

ICWSM

View full text Add to dashboard Cite

Prior work has extensively studied misinformation related to news, politics, and health, however, misinformation can also be about technological topics. While less controversial, such misinformation can severely impact companies’ reputations and revenues, and users’ online experiences. Recently, social media has also been increasingly used as a novel source of knowledgebase for extracting timely and relevant security threats, which are fed to the threat intelligence systems for better performance. However, with possible campaigns spreading false security threats, these systems can become vulnerable to poisoning attacks. In this work, we proposed novel approaches for detecting misinformation about cybersecurity and privacy threats on social media, focusing on two topics with different types of misinformation: phishing websites and Zoom’s security & privacy threats. We developed a framework for detecting inaccurate phishing claims on Twitter. Using this framework, we could label about 9% of URLs and 22% of phishing reports as misinformation. We also proposed another framework for detecting misinformation related to Zoom’s security and privacy threats on multiple platforms. Our classifiers showed great performance with more than 98% accuracy. Employing these classifiers on the posts from Facebook, Instagram, Reddit, and Twitter, we found respectively that about 18%, 3%, 4%, and 3% of posts were misinformation. In addition, we studied the characteristics of misinformation posts, their authors, and their timelines, which helped us identify campaigns.

show abstract

Section: Introductionmentioning

confidence: 86%

Section: Introductionmentioning

confidence: 99%

Cybersecurity Misinformation Detection on Social Media: Case Studies on Phishing Reports and Zoom’s Threat

Singhal

Nihal

Kinhekar

et al. 2023

ICWSM

View full text Add to dashboard Cite

show abstract

“…Samuel et al discussed comprehensive security threats and available countermeasures related to ChatGPT [93], including its implications for cybersecurity in big data applications and medical information security [94] [95]. Biswas et al investigated the use of ChatGPT models for detecting common security attacks and potential drawbacks [96], while also highlighting negative aspects, such as the creation of phishing attacks using GPT models, despite its benefits [97]. Roy et al further emphasized that employing ChatGPT could facilitate the creation of phishing websites without the need for adversarial vulnerabilities.…”

Section: B Cyber Securitymentioning

confidence: 99%

ChatGPT vs. Bard: A Comparative Study

Ahmed

Roy

Kajol

et al. 2023

Preprint

View full text Add to dashboard Cite

The rapid progress in conversational AI has given rise to advanced language models capable of generating human- like texts. Among these models, ChatGPT and Bard, developed by OpenAI and Google AI respectively, have gained significant attention. With their wide range of functionalities, such as hu- manlike response generation, proficiency in professional exams, complex problem-solving, and more, these models have captivated interest. This paper presents a comprehensive survey that explores and compares the capabilities and features of ChatGPT and Bard. We delve into their architectures, training methodologies, performance evaluations, and limitations across various domains. Ethical considerations such as biases and potential misconduct are also examined. Our findings highlight ChatGPT’s exceptional performance, positioning it as a leading model. This survey is a vital re- source for scholars, innovators, and interested parties operating within the domain of conversational artificial intelligence, offering valuable insights for the advancement of cutting-edge language models. Join us as we uncover the potential of ChatGPT and Bard, paving the way for groundbreaking achievements in conversa- tional AI.

show abstract

“…In addition, when users post reports, they often include numerous screenshots of emails and SMSs, and these features can efficiently identify user reports. Related studies [50,55] have shown that these similar features can effectively determine whether a string contains warning information. URL Features.…”

Section: Feature Engineeringmentioning

confidence: 99%

“…It has been demonstrated that the proposed system can detect threats, especially malwarerelated threats, earlier than other threat intelligence systems. Roy et al focused on defanging and phishing attack-related hashtag strings, extracted information about phishing attacks from Twitter, and analyzed the characteristics of the accounts posting information [50]. It has been shown that information that interacts with other accounts, such as replies and retweets to the information posted on Twitter, is reflected more quickly in the block list.…”

Section: Related Workmentioning

confidence: 99%

Canary in Twitter Mine: Collecting Phishing Reports from Experts and Non-experts

Nakano¹,

Chiba²,

Koide³

et al. 2023

Preprint

View full text Add to dashboard Cite

The rise in phishing attacks via e-mail and short message service (SMS) has not slowed down at all. The first thing we need to do to combat the ever-increasing number of phishing attacks is to collect and characterize more phishing cases that reach end users. Without understanding these characteristics, anti-phishing countermeasures cannot evolve. In this study, we propose an approach using Twitter as a new observation point to immediately collect and characterize phishing cases via e-mail and SMS that evade countermeasures and reach users. Specifically, we propose CrowdCanary, a system capable of structurally and accurately extracting phishing information (e.g., URLs and domains) from tweets about phishing by users who have actually discovered or encountered it. In our three months of live operation, CrowdCanary identified 35,432 phishing URLs out of 38,935 phishing reports. We confirmed that 31,960 (90.2%) of these phishing URLs were later detected by the anti-virus engine, demonstrating that CrowdCanary is superior to existing systems in both accuracy and volume of threat extraction. We also analyzed users who shared phishing threats by utilizing the extracted phishing URLs and categorized them into two distinct groups -namely, experts and non-experts. As a result, we found that CrowdCanary could collect information that is specifically included in non-expert reports, such as information shared only by the company brand name in the tweet, information about phishing attacks that we find only in the image of the tweet, and information about the landing page before the redirect.

show abstract

Evaluating the Effectiveness of Phishing Reports on Twitter

Cited by 9 publications

References 39 publications

Cybersecurity Misinformation Detection on Social Media: Case Studies on Phishing Reports and Zoom’s Threat

Cybersecurity Misinformation Detection on Social Media: Case Studies on Phishing Reports and Zoom’s Threat

ChatGPT vs. Bard: A Comparative Study

Canary in Twitter Mine: Collecting Phishing Reports from Experts and Non-experts

Contact Info

Product

Resources

About