2023
DOI: 10.21203/rs.3.rs-3670198/v1
|View full text |Cite
Preprint
|
Sign up to set email alerts
|

Semantic Analysis of Phishing Emails Leading to Ransomware with ChatGPT

Himari Fujima,
Kazuya Takeuchi,
Takako Kumamoto

Abstract: Ransomware attacks have rapidly emerged as crippling threats to organizational stability and business continuity. This study conducts an in-depth analysis of real-world phishing emails that often initiate ransomware deployments within companies. The key objectives encompass identifying psychological tricks, technical deceits and language anomalies commonly conveyed in such emails to better inform defensive strategies. Additionally, a ChatGPT-powered machine learning model is designed using natural language pro… Show more

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
1
1

Citation Types

0
2
0

Year Published

2023
2023
2024
2024

Publication Types

Select...
2
1
1

Relationship

0
4

Authors

Journals

citations
Cited by 4 publications
(2 citation statements)
references
References 31 publications
0
2
0
Order By: Relevance
“…These decoys engage threats in more prolonged interactions to delay encryption and enable incident response [54]. Experiments have shown such decoys can detect threats early in attack chains before significant damage occurs [55,56]. Nonetheless, challenges remain in balancing scalability and authenticity -easily deployed honeypots tend to be less deceptive to humandirected ransomware [2,57].…”
Section: Current Decoy File Techniquesmentioning
confidence: 99%
“…These decoys engage threats in more prolonged interactions to delay encryption and enable incident response [54]. Experiments have shown such decoys can detect threats early in attack chains before significant damage occurs [55,56]. Nonetheless, challenges remain in balancing scalability and authenticity -easily deployed honeypots tend to be less deceptive to humandirected ransomware [2,57].…”
Section: Current Decoy File Techniquesmentioning
confidence: 99%
“…One key aspect analyzed is the use of sophisticated fingerprinting methods by ransomware, which include time, date, language, and geolocation data, to tailor social engineering attacks [11,12]. For example, ransomware variants like Reveton and Cerber have been noted for customizing ransom notes in the victim's language, enhancing the efficacy of the scam [13,14,15,16]. The encryption mechanisms used in ransomware also vary, ranging from simple methods like base64 coding to more complex forms such as AES-256 encryption, and this variation impacts the decryption feasibility and the overall effectiveness of the ransomware [17,18].…”
Section: Ransomware Feature Studiesmentioning
confidence: 99%