Access the full text.
Sign up today, get DeepDyve free for 14 days.
O. Zielinska, Allaire Welk, C. Mayhorn, E. Murphy-Hill (2016)
A Temporal Analysis of Persuasion Principles in Phishing EmailsProceedings of the Human Factors and Ergonomics Society Annual Meeting, 60
(2018)
Adidas scam
(2018)
Phishing attacks: defending your organisation
M. McHugh (2012)
Interrater reliability: the kappa statisticBiochemia Medica, 22
C.I. Hovland, I.L. Janis, H. Kelley (1953)
Communication and Persuasion: Psychological Studies of Opinion Change
Richard Roberts, Yaelle Goldschlag, Rachel Walter, Taejoong Chung, A. Mislove, Dave Levin (2019)
You Are Who You Appear to Be: A Longitudinal Study of Domain Impersonation in TLS CertificatesProceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security
Keith Jones, Miriam Armstrong, McKenna Tornblad, A. Namin (2020)
How social engineers use persuasion principles during vishing attacksInf. Comput. Secur., 29
N. Akbar (2014)
Analysing persuasion principles in phishing emails
(2018)
Tyto park scam
R. Ahmad, S. Terzis, K. Renaud (2023)
Content Analysis of Persuasion Principles in Mobile Instant Message Phishing
D. Cuddeford (2018)
WhatsApp: mobile phishing’s newest attack target
Matheesha Fernando, N. Arachchilage (2020)
Why Johnny can't rely on anti-phishing educational interventions to protect himself against contemporary phishing attacks?
Cristinel Vasiliu, Mihai Felea, Irina Nastase, M. Bucur, Adrian Istrate-Scradeanu (2023)
Exploring the Advantages of Using Social Media in the Romanian Retail SectorJ. Theor. Appl. Electron. Commer. Res., 18
Hugo Bijmans, Tim Booij, Anneke Schwedersky, Aria Nedgabat, R. Wegberg (2021)
Catching Phishers By Their Bait: Investigating the Dutch Phishing Landscape through Phishing Kit Detection
Daejoong Kim, J. Kim (2013)
Understanding persuasive elements in phishing e-mails: A categorical content and semantic network analysisOnline Inf. Rev., 37
H. Hsieh, S. Shannon (2005)
Three Approaches to Qualitative Content AnalysisQualitative Health Research, 15
C. Hadnagy (2018)
Social Engineering: The Science of Human Hacking
R. Ahmad, S. Terzis (2022)
Understanding Phishing in Mobile Instant Messaging: A Study into User Behaviour Toward Shared Links
Filipo Sharevski, Amy Devine, Emma Pieroni, Peter Jachim (2022)
Phishing with Malicious QR CodesProceedings of the 2022 European Symposium on Usable Security
Eric Lin, S. Greenberg, Eileah Trotter, David Ma, John Aycock (2011)
Does domain highlighting help people identify phishing sites?Proceedings of the SIGCHI Conference on Human Factors in Computing Systems
D. Gragg (2003)
A Multi-Level Defense Against Social Engineering
Diksha Goel, A. Jain (2017)
Mobile phishing attacks and defence mechanisms: State of art and open research challengesComput. Secur., 73
A. Ferreira, L. Coventry, G. Lenzini (2015)
Principles of Persuasion in Social Engineering and Their Use in Phishing
Sven Übelacker, S. Quiel (2014)
The Social Engineering Personality Framework2014 Workshop on Socio-Technical Aspects in Security and Trust
Zhongqing Hu, Shuai Ding, Shizheng Li, Luting Chen, Shanlin Yang (2019)
Adoption Intention of Fintech Services for Bank Users: An Empirical Examination with an Extended Technology Acceptance ModelSymmetry, 11
Kenton O'Hara, M. Massimi, R. Harper, S. Rubens, Jessica Morris (2014)
Everyday dwelling with WhatsAppProceedings of the 17th ACM conference on Computer supported cooperative work & social computing
Giada Stivala, Giancarlo Pellegrino (2020)
Deceptive Previews: A Study of the Link Preview Trustworthiness in Social PlatformsProceedings 2020 Network and Distributed System Security Symposium
M. Butavicius, K. Parsons, M. Pattinson, Agata McCormac (2016)
Breaching the Human Firewall: Social engineering in Phishing and Spear-Phishing Emails
Sujata Garera, Niels Provos, Monica Chew, A. Rubin (2007)
A framework for detection and measurement of phishing attacks
F. Stajano, P. Wilson (2011)
Understanding scam victimsCommunications of the ACM, 54
A. Ferreira, M. Jakobsson (2016)
Persuasion in Scams
Nico Smuts (2019)
What Drives Cryptocurrency Prices?ACM SIGMETRICS Performance Evaluation Review, 46
A. Felt, Richard Barnes, April King, Chris Palmer, Chris Bentzel, Parisa Tabriz (2017)
Measuring HTTPS Adoption on the Web
Tatyana Stojnic, Dinusha Vatsalan, N. Arachchilage (2021)
Phishing email strategies: Understanding cybercriminals' strategies of crafting phishing emailsSecurity and Privacy, 4
Rohit Valecha, Pranali Mandaokar, H. Rao (2022)
Phishing Email Detection Using Persuasion CuesIEEE Transactions on Dependable and Secure Computing, 19
Steve Sheng, Brad Wardman, Gary Warner, L. Cranor, Jason Hong, Chengshan Zhang (2009)
An Empirical Analysis of Phishing Blacklists
B. O’Connell, B. Curry (2022)
Stock market sector
Mattia Mossano, Kami Vaniea, Lukas Aldag, Reyhan Düzgün, Peter Mayer, M. Volkamer (2020)
Analysis of publicly available anti-phishing webpages: contradicting information, lack of concrete advice and very narrow attack vector2020 IEEE European Symposium on Security and Privacy Workshops (EuroS&PW)
E. Zezschwitz, Serena Chen, Emily Stark (2022)
"It builds trust with the customers" - Exploring User Perceptions of the Padlock Icon in Browser UI2022 IEEE Security and Privacy Workshops (SPW)
Naci Akdemir, Serkan Yenal (2021)
How Phishers Exploit the Coronavirus Pandemic: A Content Analysis of COVID-19 Themed Phishing EmailsSAGE Open, 11
This study aims to investigate how phishers apply persuasion principles and construct deceptive URLs in mobile instant messaging (MIM) phishing.Design/methodology/approachIn total, 67 examples of real-world MIM phishing attacks were collected from various online sources. Each example was coded using established guidelines from the literature to identify the persuasion principles, and the URL construction techniques employed.FindingsThe principles of social proof, liking and authority were the most widely used in MIM phishing, followed by scarcity and reciprocity. Most phishing examples use three persuasion principles, often a combination of authority, liking and social proof. In contrast to email phishing but similar to vishing, the social proof principle was the most commonly used in MIM phishing. Phishers implement the social proof principle in different ways, most commonly by claiming that other users have already acted (e.g. crafting messages that indicate the sender has already benefited from the scam). In contrast to email, retail and fintech companies are the most commonly targeted in MIM phishing. Furthermore, phishers created deceptive URLs using multiple URL obfuscation techniques, often using spoofed domains, to make the URL complex by adding random characters and using homoglyphs.Originality/valueThe insights from this study provide a theoretical foundation for future research on the psychological aspects of phishing in MIM apps. The study provides recommendations that software developers should consider when developing automated anti-phishing solutions for MIM apps and proposes a set of MIM phishing awareness training tips.
Information & Computer Security – Emerald Publishing
Published: Sep 25, 2024
Keywords: Phishing; Persuasion principles; Mobile instant messaging; URL obfuscation
Read and print from thousands of top scholarly journals.
Already have an account? Log in
Bookmark this article. You can see your Bookmarks on your DeepDyve Library.
To save an article, log in first, or sign up for a DeepDyve account if you don’t already have one.
Copy and paste the desired citation format or use the link below to download a file formatted for EndNote
Access the full text.
Sign up today, get DeepDyve free for 14 days.
All DeepDyve websites use cookies to improve your online experience. They were placed on your computer when you launched this website. You can change your cookie settings through your browser.