Information Security and Privacy (SIG SEC)

Paper Type

ERF

Paper Number

1370

Description

Recently, research on fraudulent email detection has expanded from its purely technological orientation into understanding the role of human behavior in security breaches. However, an area that has been lacking is literature/theory-grounded content analysis in social engineering threat. While there exists an extensive body of anecdotal subjective literature, factors that account for phishing attack’s incessant success remain largely speculative. To better understand this, we propose a dimensional framework to identify the thematic nature of phishing emails that would not only help to understand the underlining technical subterfuge but also enhance our knowledge to effectively sense contextual social engineering tricks and the nature of such attacks, from multiple angles. To validate the dimensional elements, we will employ topic modeling techniques to analyze the themes of fraudulent email attack utilizing four benchmark datasets. Based on the analysis, this study discusses theoretical contributions and practical recommendations along with further directions of the research.

Share

COinS
 
Aug 9th, 12:00 AM

Uncovering Thematic Dimensions of Fraudulent Emails using Topic Modelling

Recently, research on fraudulent email detection has expanded from its purely technological orientation into understanding the role of human behavior in security breaches. However, an area that has been lacking is literature/theory-grounded content analysis in social engineering threat. While there exists an extensive body of anecdotal subjective literature, factors that account for phishing attack’s incessant success remain largely speculative. To better understand this, we propose a dimensional framework to identify the thematic nature of phishing emails that would not only help to understand the underlining technical subterfuge but also enhance our knowledge to effectively sense contextual social engineering tricks and the nature of such attacks, from multiple angles. To validate the dimensional elements, we will employ topic modeling techniques to analyze the themes of fraudulent email attack utilizing four benchmark datasets. Based on the analysis, this study discusses theoretical contributions and practical recommendations along with further directions of the research.

When commenting on articles, please be friendly, welcoming, respectful and abide by the AIS eLibrary Discussion Thread Code of Conduct posted here.