Living in a Spamster's Paradise: Deceit and Threats in Phishing Emails

Kikerpill, Kristjan; Siibak, Andra

doi:10.5817/mujlt2019-1-3

Cited by 14 publications

(10 citation statements)

References 15 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…Developments and debates concerning what 'cybercrime', or its competing signifiers, communicate as their attached meaning have been ongoing since the early 2000s (Grabosky 2001;Capeller, 2001;Maimon and Louderbeck, 2019). Nevertheless, criminal convictions still solely depend on the applicable law, not academic deliberations (Kikerpill and Siibak, 2019).…”

Section: Settling the Ongoing 'Cyber' Confusionmentioning

confidence: 99%

Asking the ‘Cyber’ question: Whose use of what information and communication technology creates which changes for whom?

Kikerpill¹

2021

SSRN Journal

Self Cite

View full text Add to dashboard Cite

The purpose of this brief article is to trace and explain the ubiquitous yet elusive term 'cyber', which is omnipresent in media stories, international policy discussions, law enforcement efforts and internet studies. The persistently elusive nature of the term has evoked discussions on the usefulness of the term in describing and discussing modern human-computer (-human) interactions. This article clarifies the contents of the term and offers a clear approach to usage moving forward. Design/methodology/approachThis is a general review article that traces the history of the elusive term 'cyber' by putting the development story together from available sources on early cybernetics and the subsequent rise of information technology, personal computers and the internet. FindingsThe term 'cyber' presents best through the conceptual 'Cyber' question, i.e. "Whose use of what information and communication technology creates which changes for whom?". The modern use of 'cyber' shares a history with 'cybernetics', but relates more narrowly to modern information and communication technologies through a specific re-emergence of the prefix from science fiction literature to international policy and academia to everyday usage. OriginalityThe article focusses on the term and concept 'cyber', i.e. investigating its origins, emergence and the related terminological confusion. By posing the inquiry and explanation in the form of a guiding 'Cyber' question, the article provides a solid basis for the future use and understanding of the term 'cyber' as evoked in academic, policy or public discussions.

show abstract

Section: Settling the Ongoing 'Cyber' Confusionmentioning

confidence: 99%

Asking the ‘Cyber’ question: Whose use of what information and communication technology creates which changes for whom?

Kikerpill¹

2021

SSRN Journal

Self Cite

View full text Add to dashboard Cite

show abstract

“…cybercrime offences are not solely perpetrated by career criminals or criminal groups because regular people abuse online opportunities in a similar manner. Before the pressure becomes a matter for law enforcement, however, individuals targeted by offenders face an onslaught of crime attempts that are not reflected in official crime statistics (Kikerpill and Siibak, 2019). Additional indications of the short reach of public authorities is the increased attention to cyber hygiene, i.e.…”

Section: Responsibilisation: From the Public To The Personalmentioning

confidence: 99%

“…Previous research has shown that 95% of cybersecurity incidents are caused by human error (IBM Global Technology Services, 2014), which clearly indicates a lack of knowledge regarding the connection between threats and the risk these threats pose to the value that underpins our sphere of protection. In terms of the value of security, socially engineered online attacks such as phishing (Kikerpill and Siibak, 2019) are specifically designed to take advantage of this discrepancy present for a person’s sphere of protection. In other words, people are knowledgeable about and willing to protect one manifestation of security, e.g.…”

Section: Internal Spheres Of Protectionmentioning

confidence: 99%

“…Theoretically, it would be possible to bring the absolute exposure to phishing risk (Gottfredson, 1981, p. 715) down to zero by simply not having an email account (or a phone that can receive text messages and calls). However, given the prevalence of email for personal and business communication (Kikerpill and Siibak, 2019), blanket exclusion of this kind is unlikely for many and would be extremely difficult to propose as policy in the digital era. Therefore, knowledge regarding threats to an individual’s sphere of protection and the ability of using such knowledge when necessary are primary in deciding on the course of action or required measures.…”

Section: Internal Spheres Of Protectionmentioning

confidence: 99%

See 1 more Smart Citation

The individual’s role in cybercrime prevention: internal spheres of protection and our ability to safeguard them

Kikerpill

2020

Self Cite

View full text Add to dashboard Cite

Purpose As a well-known social institution, crime prevention has traditionally been in the purview of public authorities. However, the ceaseless increase in the use of online resources and governments’ responsibilisation approach to cybercrime prevention has created an ecosystem, which necessitates the empowerment of individuals. By introducing the concept of internal spheres of protection, the purpose of this paper is to show how traditionally public responsibilities require increased facilitation by individuals to adequately safeguard what they value. Design/methodology/approach This is a brief conceptual paper, which recasts the individual’s role in cybercrime prevention through a critique of the routine activity theory (Cohen and Felson, 1979) and explains how responsibilisation (Garland, 1996) has created an unavoidable need to provide individuals with the knowledge and tools required to avoid online victimisation. Findings In the context of cybercrime, criminological theories that are limited in considering the individual both as the target of crime and the person likeliest to prevent it are quickly becoming outdated. Public authorities either cannot intervene or are moving away from intervening on citizens’ behalf to effectively stymie the pressure from cybercriminals. Thus, there is a need of an approach that starts with individuals and their value-based motivations. Originality/value The concept of internal spheres of protection is a novel way of looking at cybercrime prevention. The internal spheres are based on individuals’ values, and the value of security in particular, and take cyber-knowledge as a point of departure towards safeguarding such values, i.e. through risk-decreasing actions and the use of relevant tools.

show abstract

“…Існують певні проблеми щодо запровадження кримінально-правової відповідальності за фішинг-атаки, оскільки фішинг взагалі не є окремим злочином відповідно до матеріального кримінального права 1 . Це певне «парасолькове» поняття, яке охоплює низку розпочатих чи завершених злочинів [36]. Фішингатаки з точки зору кримінального права можуть відповідати різним категоріям злочинів (вимагання, шахрайство, шантаж, правопорушення, що пов'язані з обробкою персональних даних).…”

Section: Issn 2414-990x Problems Of Legality 2020 Issue 149unclassified

Legal aspects of counteracting phishing: the European Union experience

Yakoviyk¹,

Волошин²,

Шовкун³

2020

Plaw

View full text Add to dashboard Cite

Cybersecurity is increasingly seen as a fundamental problem of the state, which comprehensively affects its security and defense, economy, certain spheres of public life, in particular energy, health care and others. Reliable operation of data networks, computer systems and mobile devices is a prerequisite for the effective state and society functioning, an individual’s life. The reliability of key public information systems depends on many factors: cyberattacks, hardware and software failures, and all kinds of errors. The significant increase in the number of incidents in cyberspace necessitates a systematic analysis of sources of threats, the first place among which is phishing. The introduction of criminal responsibility for phishing is complicated by the fact that "phishing" is an "umbrella" concept that covers a number of launched or committed crimes. From criminal law point of view, phishing attacks can correspond to different categories of crimes (extortion, fraud, blackmail, offenses related to the processing of personal data, etc.). The attempt by some states to impose criminal penalties for phishing at the national level does not solve the problem, since it is not difficult for phishers who work worldwide to cross national barriers. That is still the reason why counteracting cybercrime requires significant efforts not only by individual states but also by international organizations, in particular by the European Union.

show abstract

Living in a Spamster's Paradise: Deceit and Threats in Phishing Emails

Cited by 14 publications

References 15 publications

Asking the ‘Cyber’ question: Whose use of what information and communication technology creates which changes for whom?

Asking the ‘Cyber’ question: Whose use of what information and communication technology creates which changes for whom?

The individual’s role in cybercrime prevention: internal spheres of protection and our ability to safeguard them

Legal aspects of counteracting phishing: the European Union experience

Contact Info

Product

Resources

About