ABSTRACT

While phishing has evolved over the years, it still exploits one of the weakest links in any information system — humans. The present study aims at describing who the potential phishing victims are. We constructed two types of phishing messages that represented two basic categories of phishing e-mails: regular and spear-phishing. In cooperation with the IT management of a municipality in the southwestern region of the United States, we sent these messages to the municipality’s employees and collected demographic data about individuals employed by the organization. We then applied eight supervised learning methods to classify the municipality’s employees into two groups: phished and not-phished. Our results indicate that spear-phishing yields a significantly higher response rate than regular phishing and that some machine learning methods yield high classification accuracy in predicting phishing victims. We finally provide discussion of the results as well as the future implications.

摘要

尽管网络钓鱼多年来不断发展，但它仍然利用任何信息系统中最薄弱的环节之一——人类。本研究旨在描述谁是潜在的网络钓鱼受害者。我们构建了两种类型的网络钓鱼邮件，它们代表了两种基本的网络钓鱼电子邮件类别：常规和鱼叉式网络钓鱼。我们与美国西南部某市的 IT 管理部门合作，将这些信息发送给该市的员工，并收集有关该组织雇用的个人的人口统计数据。然后，我们应用八种监督学习方法将市政当局的员工分为两组：网络钓鱼和非网络钓鱼。我们的结果表明，鱼叉式网络钓鱼产生的响应率明显高于常规网络钓鱼，并且一些机器学习方法在预测网络钓鱼受害者方面产生了高分类准确性。我们最后提供了对结果的讨论以及未来的影响。