A phishing mitigation solution using human behaviour and emotions that influence the success of phishing attacks
- Author
- Hossein Abroshan (UGent) , Jan Devos (UGent) , Geert Poels (UGent) and Eric Laermans (UGent)
- Organization
- Abstract
- Phishing is a social engineering scam that can cause financial and reputational damages to people and organisations. Studies have demonstrated the effects of human behaviour and emotions on people's security behaviour, such as falling into a phishing scam. Moreover, several studies show the effects of the COVID-19 outbreak on human emotions, impacting phishing attempts' success. In this study, we have developed a solution using previous studies' results to identify vulnerable users (i.e., those at risk of clicking on phishing links) in organisations. The solution assigns proper mitigation actions to those high-risk users. The system contains behaviour measurement, risk score, and mitigation modules that can mature and develop accuracy over time. Furthermore, situations similar to a pandemic are considered in the solution. The proposed solution will help organisations focus more on protecting high-risk users and reducing successful phishing attacks. This solution should be used in combination with technical anti-phishing and cybersecurity awareness training campaigns to achieve better results.
- Keywords
- Phishing, Cybersecurity, Solution, Human behaviour
Downloads
-
(...).pdf
- full text (Published version)
- |
- UGent only
- |
- |
- 733.36 KB
Citation
Please use this url to cite or link to this publication: http://hdl.handle.net/1854/LU-8705333
- MLA
- Abroshan, Hossein, et al. “A Phishing Mitigation Solution Using Human Behaviour and Emotions That Influence the Success of Phishing Attacks.” UMAP ’21 : Adjunct Proceedings of the 29th ACM Conference on User Modeling, Adaptation and Personalization, edited by Judith Masthoff et al., Association for Computing Machinery (ACM), 2021, pp. 345–50, doi:10.1145/3450614.3464472.
- APA
- Abroshan, H., Devos, J., Poels, G., & Laermans, E. (2021). A phishing mitigation solution using human behaviour and emotions that influence the success of phishing attacks. In J. Masthoff, E. Herder, N. Tintarev, & M. Tkalčič (Eds.), UMAP ’21 : Adjunct Proceedings of the 29th ACM Conference on User Modeling, Adaptation and Personalization (pp. 345–350). https://doi.org/10.1145/3450614.3464472
- Chicago author-date
- Abroshan, Hossein, Jan Devos, Geert Poels, and Eric Laermans. 2021. “A Phishing Mitigation Solution Using Human Behaviour and Emotions That Influence the Success of Phishing Attacks.” In UMAP ’21 : Adjunct Proceedings of the 29th ACM Conference on User Modeling, Adaptation and Personalization, edited by Judith Masthoff, Eelco Herder, Nava Tintarev, and Marko Tkalčič, 345–50. Association for Computing Machinery (ACM). https://doi.org/10.1145/3450614.3464472.
- Chicago author-date (all authors)
- Abroshan, Hossein, Jan Devos, Geert Poels, and Eric Laermans. 2021. “A Phishing Mitigation Solution Using Human Behaviour and Emotions That Influence the Success of Phishing Attacks.” In UMAP ’21 : Adjunct Proceedings of the 29th ACM Conference on User Modeling, Adaptation and Personalization, ed by. Judith Masthoff, Eelco Herder, Nava Tintarev, and Marko Tkalčič, 345–350. Association for Computing Machinery (ACM). doi:10.1145/3450614.3464472.
- Vancouver
- 1.Abroshan H, Devos J, Poels G, Laermans E. A phishing mitigation solution using human behaviour and emotions that influence the success of phishing attacks. In: Masthoff J, Herder E, Tintarev N, Tkalčič M, editors. UMAP ’21 : Adjunct Proceedings of the 29th ACM Conference on User Modeling, Adaptation and Personalization. Association for Computing Machinery (ACM); 2021. p. 345–50.
- IEEE
- [1]H. Abroshan, J. Devos, G. Poels, and E. Laermans, “A phishing mitigation solution using human behaviour and emotions that influence the success of phishing attacks,” in UMAP ’21 : Adjunct Proceedings of the 29th ACM Conference on User Modeling, Adaptation and Personalization, Utrecht, Netherlands, 2021, pp. 345–350.
@inproceedings{8705333,
abstract = {{Phishing is a social engineering scam that can cause financial and reputational damages to people and organisations. Studies have demonstrated the effects of human behaviour and emotions on people's security behaviour, such as falling into a phishing scam. Moreover, several studies show the effects of the COVID-19 outbreak on human emotions, impacting phishing attempts' success. In this study, we have developed a solution using previous studies' results to identify vulnerable users (i.e., those at risk of clicking on phishing links) in organisations. The solution assigns proper mitigation actions to those high-risk users. The system contains behaviour measurement, risk score, and mitigation modules that can mature and develop accuracy over time. Furthermore, situations similar to a pandemic are considered in the solution. The proposed solution will help organisations focus more on protecting high-risk users and reducing successful phishing attacks. This solution should be used in combination with technical anti-phishing and cybersecurity awareness training campaigns to achieve better results.}},
author = {{Abroshan, Hossein and Devos, Jan and Poels, Geert and Laermans, Eric}},
booktitle = {{UMAP '21 : Adjunct Proceedings of the 29th ACM Conference on User Modeling, Adaptation and Personalization}},
editor = {{Masthoff, Judith and Herder, Eelco and Tintarev, Nava and Tkalčič, Marko}},
isbn = {{9781450383677}},
keywords = {{Phishing,Cybersecurity,Solution,Human behaviour}},
language = {{eng}},
location = {{Utrecht, Netherlands}},
pages = {{345--350}},
publisher = {{Association for Computing Machinery (ACM)}},
title = {{A phishing mitigation solution using human behaviour and emotions that influence the success of phishing attacks}},
url = {{http://doi.org/10.1145/3450614.3464472}},
year = {{2021}},
}
- Altmetric
- View in Altmetric