Select Page
Journal article | Research library
| 01/10/2007

Social phishing

Tom Jagatic | Nathaniel Johnson | Markus Jakobsson | Filippo Menczer

Phishing is a form of social engineering in which an attacker attempts to fraudulently acquire sensitive information from a victim by impersonating a trustworthy third party. Phishing attacks today typically employ generalized “lures.” For instance, a phisher misrepresenting himself as a large banking corporation or popular on-line auction site will have a reasonable yield, despite knowing little to nothing about the recipient. In a study by Gartner [11], about 19% of all those surveyed reported having clicked on a link in a phishing email, and 3% admitted to giving up financial or personal information. However, no existing studies provide us with a baseline success rate for individual phishing attacks. This was one of the motivating factors for the research project described here.

You May Also Like