We gratefully acknowledge support from
the Simons Foundation and member institutions.
Full-text links:

Download:

Current browse context:

cs.IR

Change to browse by:

References & Citations

DBLP - CS Bibliography

Bookmark

(what is this?)
CiteULike logo BibSonomy logo Mendeley logo del.icio.us logo Digg logo Reddit logo ScienceWISE logo

Computer Science > Cryptography and Security

Title: Evaluating the effectiveness of Phishing Reports on Twitter

Abstract: Phishing attacks are an increasingly potent web-based threat, with nearly 1.5 million websites created on a monthly basis. In this work, we present the first study towards identifying such attacks through phishing reports shared by users on Twitter. We evaluated over 16.4k such reports posted by 701 Twitter accounts between June to August 2021, which contained 11.1k unique URLs, and analyzed their effectiveness using various quantitative and qualitative measures. Our findings indicate that not only do these users share a high volume of legitimate phishing URLs, but these reports contain more information regarding the phishing websites (which can expedite the process of identifying and removing these threats), when compared to two popular open-source phishing feeds: PhishTank and OpenPhish. We also notice that the reported websites had very little overlap with the URLs existing in the other feeds, and also remained active for longer periods of time. But despite having these attributes, we found that these reports have very low interaction from other Twitter users, especially from the domains and organizations targeted by the reported URLs. Moreover, nearly 31% of these URLs were still active even after a week of them being reported, with 27% of them being detected by very few anti-phishing tools, suggesting that a large majority of these reports remain undiscovered, despite the majority of the follower base of these accounts being security focused users. Thus, this work highlights the effectiveness of the reports, and the benefits of using them as an open source knowledge base for identifying new phishing websites.
Comments: This paper has been accepted at the 2021 APWG Symposium on Electronic Crime Research (eCrime). The camera ready version of this work was presented and will be published at this conference ( December 1st to 3rd, 2021)
Subjects: Cryptography and Security (cs.CR); Information Retrieval (cs.IR); Social and Information Networks (cs.SI)
Cite as: arXiv:2111.07201 [cs.CR]
  (or arXiv:2111.07201v2 [cs.CR] for this version)

Submission history

From: Sayak Saha Roy [view email]
[v1] Sat, 13 Nov 2021 22:31:11 GMT (2846kb,D)
[v2] Wed, 22 Dec 2021 18:16:56 GMT (2845kb,D)

Link back to: arXiv, form interface, contact.