TY - GEN
T1 - From Victims to Defenders
T2 - 27th International Symposium on Research in Attacks, Intrusions and Defenses, RAID 2024
AU - Sun, Zhibo
AU - Kokulu, Faris Bugra
AU - Zhang, Penghui
AU - Oest, Adam
AU - Stringhini, Gianluca
AU - Bao, Tiffany
AU - Wang, Ruoyu
AU - Shoshitaishvili, Yan
AU - Doupé, Adam
AU - Ahn, Gail Joon
N1 - Publisher Copyright:
© 2024 Copyright held by the owner/author(s).
PY - 2024/9/30
Y1 - 2024/9/30
N2 - Reporting phishing attacks can significantly shorten the time required to take down their operations and deter further victimization by the same phishing websites. However, little research has been conducted to understand the phishing reporting ecosystem and its effectiveness. In this paper, we comprehensively evaluate the phishing reporting ecosystem to identify the critical challenges people face and their concerns when reporting smishing, vishing, and phishing email attacks. First, we analyze the existing security advice and channels for reporting phishing attacks in both the public and private sectors. Then, we conduct a scenario-based experiment involving 89 participants to investigate what factors affect a participant’s decision to report a phishing attack and what challenges they face in preparing the report. Third, we report phishing attacks ourselves and monitor the status of the reported phishing websites to empirically measure how reports are acted upon and how that affects the reported phishing websites. Finally, we propose approaches under five major concern categories to mitigate the challenges that we discover in the phishing reporting ecosystem.
KW - Anti-phishing Strategies
KW - Phishing Attack Reporting
KW - Phishing Reporting Challenges
KW - Smishing
KW - Vishing
UR - http://www.scopus.com/inward/record.url?scp=85206560675&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85206560675&partnerID=8YFLogxK
U2 - 10.1145/3678890.3678926
DO - 10.1145/3678890.3678926
M3 - Conference contribution
AN - SCOPUS:85206560675
T3 - ACM International Conference Proceeding Series
SP - 49
EP - 64
BT - Proceedings of 27th International Symposium on Research in Attacks, Intrusions and Defenses, RAID 2024
PB - Association for Computing Machinery
Y2 - 30 September 2024 through 2 October 2024
ER -