MITS5004 IT Security: Research Report on Social Phishing

Verified

Added on 2022/10/11

AI Summary

This report critically analyzes the concept of social phishing, focusing on its techniques, impact, and ethical considerations. The report begins with an introduction that defines social phishing as a form of social engineering used by attackers to acquire sensitive information. It then analyzes an article, detailing the intention and content related to social media phishing attacks, highlighting the vulnerabilities exploited by attackers, and the problems associated with such attacks, particularly the compromise of sensitive user data. The discussion section of the report focuses on the results drawn from the article, emphasizing the importance of data management and preventive measures within social networking environments. The report concludes by summarizing the key findings, including the significance of social media phishing in modern cybercrime, the effectiveness of the techniques, and the need for robust data protection measures. The report uses several sources to support the discussion and adheres to IEEE citation style, as required by the assignment brief.

Running head: SOCIAL PHISHING
SOCIAL PHISHING
Name of the student:
Name of the university:
Author Note:

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

1SOCIAL PHISHING
Table of Contents
1.0 Introduction..........................................................................................................................2
2.0 Analysis of the Article.........................................................................................................2
2.1 Intention and Content of the Article.................................................................................3
2.2 Problems associated with the attack.................................................................................5
2.3 Discussion of the result....................................................................................................6
2.4 Discussion of the conclusion............................................................................................6
3.0 Conclusion............................................................................................................................6
4.0 References............................................................................................................................8

2SOCIAL PHISHING
1.0 Introduction
Social phishing is depicted as a form of engineering module that deals with the overall
attempts made by potential attackers that tends to acquire the sensitive information in respect
to the overall data present within the networks. In modern times the attacks regarding the
phishing is employed by the generalized lures. The most common format of phishing is
described as the social media phishing that deals with the overall networking sites thus to
obtain the information of the user thus affecting them. The article that will be analysed in this
report will be dealing with the overall information about the social phishing that are
perceived in these modern times. The reliable data that is stored as well as accessed in respect
to the overall social media sites are depicted to be involved in respect to the concept of social
phishing. The research that is being analysed in respect to the data protection as well as
security within the social media sites. Most importantly, the article analyses different aspects
of the social phishing attacks that hamper the overall user data in respect to the social media
sites.
The report will deal with the critical analysis of the depicted article thus analysing the
perceptions of the social media phishing. The aspects of the phishing methods in respect to
the attackers associated with these methodologies are analysed within this report as it is
mentioned within the article.
2.0 Analysis of the Article
This report will be significantly carrying out the analysis of the potential article that is
depicted as “T. Jagatic, N. Johnson, M. Jakobsson and F. Menczer, Social Phishing. Indiana
University, Bloomington: School of Informatics, 2005.” The next part of the report will deal
with the intention as well as the content of the article that is to be analysed.

3SOCIAL PHISHING
2.1 Intention and Content of the Article
The article firstly depicts that the phishing techniques as well as the attackers are
getting smarter day by day. The increased trends of the crimes in respect to online terms is
suggested to deal with a great deal of elements in respect to the context that makes this to be
more harmful as well as dangerous for the overall society [1] . The article identifies the
service interruptions from a resource that are frequently used for the creation of a phishing
attack. The authentication failures in respect to the phishing methodologies enhances the
attackers to clearly victimise the persons for the overall retrieval of the data. The security
threat associated with the overall phishing procedures within the social media sites are
depicted to be influencing the attackers in respect to the data tamper.
The users in this modern era uses the social media sites to save the appropriate data as
well as the overall information online. This trend has enhanced the way of phishing the data
from these social sites thus hampering them. Moreover, there are also certain techniques that
are associated with the phishing methodologies that tends to gain the trust of the users thus
becoming liable that the data to be hampered [5] . The article suggests a significant usage of a
database that facilitates the user to detect the data theft prior it has been started. The data
stored within the databases are focused in respect to the websites, the records of the public as
well as the information of the physical world.
The article also signifies that the phishing attacks tends to take advantage from the
vulnerabilities associated with both the technical as well as social terms [3] . The excellent
overview in respect to the different attacks that are occurring as well as countermeasures are
depicted to be analysed in the article [8] . The usage of the social contacts is also suggested to
enhance the overall power of an attack thus propagating the fact of social phishing. The easy
methodologies that are used by the attackers suggests that the phishing attacks are may be

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

4SOCIAL PHISHING
very easy to develop as well as effectively deal with the hamper of the data within the
network environment.
The attacker firstly gains a significant knowledge of the social network sites that the
most popular and detects the volume of the information that mostly flows within them. With
this analysis it is suggested that the data within the social networking sites are significantly
vulnerable in respect to the social media phishers [10] . The sources of the data as well as the
information associated with the overall social media phishing techniques are firstly analysed
by the attackers thus identifying the important information, which could lead the attackers
with some financial terminologies.
The article significantly adheres a development of a phishing experiment that tends to
analyse the overall procedure or process that are used by an attacker to carry out the social
phishing [12] . The experiment tends to analyse the temporary patterns in respect to the data
logs present within the website that the phisher is trying to attack. The article also provides a
graphical overview in respect to the fact that of the overall procedure of a temporary phishing
experiment. The pictorial representation of the social media phishing technique is provided in
the given figure.

5SOCIAL PHISHING
Moreover, the article also identifies the overall significance of the experiment that is
being carried out in respect to the data phishing present within the social networking systems
[2] . In addition to this, a critique has been analysed within the article in respect to the overall
experiment that is being carried out with respect to the overall social phishing techniques [11]
. The email messages as well as the hack of the email accounts in respect to the data stored
within the attacks are eventually tampered in respect to the phishing attack. The spoof of the
email as well as the names of the social accounts are depicted to be useful by the attackers for
the disruption of the user data.
The article also suggests the ethical ways in respect to conduct this type of
experiments that will tend to imply the attacks related to social engineering [7] . The
extensive campaigns in respect to the overall awareness of the data phishing is identified to
be useful in respect to the protection of the data associated in the server. This will potentially
provide the users with the effective knowledge in respect to the data phishing thus enhancing
them to effectively maintain the overall data associated with the users.
2.2 Problems associated with the attack
The significant sector that is potentially hampered in respect to the depicted attack of
the social phishing is the sensitive and the important data associated with the user within the
social media platforms. The data are significant for the users as these comprises of the
important as well as sensitive information in respect to the overall users present within this
filed [6] . The IT policy as well as the security offices tends to provide the overall protection
of data methods in respect to the information associated with the different social networking
sites. The data that is associated with the overall sites tends to get hamper in respect to the
phishing attacks [9] . This data phishing is associated with some issues that are related with

6SOCIAL PHISHING
the data of the users. This significant authentication of the users data with the trust of the
attackers are significantly associated with the phishing methodology.
2.3 Discussion of the result
The overall result that is being drawn in respect to the article suggests that the data
present within the social networking. The different data techniques that are associated with
the overall management of the user data within the environment of the social networking sites
are identified to as the preventive measures in respect to the data associated with the social
networking sites [4] . The overall discussion within the article is carried out with the overall
evaluation of the social phishing techniques and the methodologies associated with the data
of the users.
2.4 Discussion of the conclusion
The article signifies that the data phishing is being carried out in respect to the social
networking sites that are mostly associated with the data of the users. These data are mainly
related with the sensitive information in respect to the overall information present within the
sites. These data are also identified as the personal as well as the banking information. The
article also concludes the overall temporal concept of phishing with the social sites with the
help of an experiment.
3.0 Conclusion
Thus, it can be concluded that social media phishing is an important concept
associated with the modern day crimes. This technique tends to hamper the data of the users
associated with the social networking sites. Moreover, the experiment stated within the article
helps to create a clear overview in respect to the data phishing. This concludes the fact of the
overall security in respect to the preventive measures associated with the overall protection of

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

7SOCIAL PHISHING
the data. The overall significance is associated with the evaluation of the social media
phishing in respect to the data related with the social sites of the users.

8SOCIAL PHISHING
4.0 References
[1] T. Jagatic, N. Johnson, M. Jakobsson and F. Menczer, Social Phishing. Indiana
University, Bloomington: School of Informatics, 2005.
[2] G.A. Akerlof and R.J. Shiller, Phishing for phools: The economics of manipulation and
deception. Princeton University Press, 2015.
[3] N.A.G. Arachchilage, S. Love and K. Beznosov, Phishing threat avoidance behaviour: An
empirical investigation. Computers in Human Behavior, 60, pp.185-197, 2016.
[4] M. Moghimi, and A.Y. Varjani, New rule-based phishing detection method. Expert
systems with applications, 53, pp.231-242, 2016.
[5] M. Alsharnouby, F. Alaca and S. Chiasson, Why phishing still works: User strategies for
combating phishing attacks. International Journal of Human-Computer Studies, 82, pp.69-82,
2015.
[6] J.A. Chaudhry, S.A. Chaudhry, and R.G. Rittenhouse, Phishing attacks and
defenses. International Journal of Security and Its Applications, 10(1), pp.247-256, 2016.
[7] B.B. Gupta, A. Tewari, A.K. Jain and D.P. Agrawal, Fighting against phishing attacks:
state of the art and future challenges. Neural Computing and Applications, 28(12), pp.3629-
3654, 2017.
[8] A. Vishwanath, B. Harrison and Y.J. Ng, Suspicion, cognition, and automaticity model of
phishing susceptibility. Communication Research, 45(8), pp.1146-1166, 2018.
[9] E.J. Williams, J. Hinds and A.N. Joinson, Exploring susceptibility to phishing in the
workplace. International Journal of Human-Computer Studies, 120, pp.1-13, 2018.

9SOCIAL PHISHING
[10] J. Wang, Y. Li and H.R. Rao, Overconfidence in phishing email detection. Journal of
the Association for Information Systems, 17(11), p.1, 2016.
[11] A. Aleroud and L. Zhou, Phishing environments, techniques, and countermeasures: A
survey. Computers & Security, 68, pp.160-196, 2017.
[12] S.C. Jeeva and E.B. Rajsingh, Intelligent phishing url detection using association rule
mining. Human-centric Computing and Information Sciences, 6(1), p.10, 2016.