X-Platform phishing: Abusing trust for targeted attacks short paper

Hossein Siadati, Toan Nguyen, Nasir Memon

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

The goal of anti-phishing techniques is to reduce the delivery rate of phishemails, and anti-phishing training aims to decrease the phishing click-through rates. This paper presents the X-Platform Phishing Attack, a deceptive phishing attack with an alarmingly high delivery and click-through rates, and highlights a subclass of phishing attacks that existing anti-phishing methods do not seem to be able to address. The main characteristic of this attack is that an attacker is able to embed a malicious link within a legitimate message generated by service providers (e.g., Github, Google, Amazon) and sends it using their infrastructure to his targets. This technique results in the bypassing of existing anti-phishing filters because it utilizes reputable service providers to generate seemingly legitimate emails. This also makes it highly likely for the targets of the attack to click on the phishing link as the email id of a legitimate provider is being used. An X-Platform Phishing attack can use email-based messaging and notification mechanisms such as friend requests, membership invitations, status updates, and customizable gift cards to embed and deliver phishing links to their targets. We have tested the delivery and click-through rates of this attack experimentally, based on a customized phishing email tunneled through GitHub’s pull-request mechanism. We observed that 100% of X-Platform Phishing emails passed the anti-phishing systems and were delivered to the inbox of the target subjects. All of the participants clicked on phishing messages, and in some cases, forwarded the message to other project collaborators who also clicked on the phishing links.

Original languageEnglish (US)
Title of host publicationFinancial Cryptography and Data Security - FC 2017 International Workshops, WAHC, BITCOIN, VOTING, WTSC, and TA, Revised Selected Papers
PublisherSpringer Verlag
Pages587-596
Number of pages10
Volume10323 LNCS
ISBN (Print)9783319702773
DOIs
StatePublished - Jan 1 2017
Event21st International Workshops on Financial Cryptography and Data Security, FC 2017 held in conjuction with 5th Workshop on Encrypted Computing and Applied Homomorphic Cryptography, WAHC 2017, 4th Workshop on Bitcoin and Blockchain Research, BITCOIN 2017, 2nd Workshop on Advances in Secure Electronic Voting Schemes, VOTING 2017, 1st Workshop on Trusted Smart Contracts, WTSC 2017 and 1st Workshop on Targeted Attacks, TA 2017 - Sliema, Malta
Duration: Apr 7 2017Apr 7 2017

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume10323 LNCS
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349

Other

Other21st International Workshops on Financial Cryptography and Data Security, FC 2017 held in conjuction with 5th Workshop on Encrypted Computing and Applied Homomorphic Cryptography, WAHC 2017, 4th Workshop on Bitcoin and Blockchain Research, BITCOIN 2017, 2nd Workshop on Advances in Secure Electronic Voting Schemes, VOTING 2017, 1st Workshop on Trusted Smart Contracts, WTSC 2017 and 1st Workshop on Targeted Attacks, TA 2017
CountryMalta
CitySliema
Period4/7/174/7/17

Fingerprint

Electronic mail
Electronic Mail
Attack
Target
Telecommunication links
Infrastructure
Update
Likely
Filter
Decrease

Keywords

  • Cross-platform attack
  • Phishing
  • Targeted attack

ASJC Scopus subject areas

  • Theoretical Computer Science
  • Computer Science(all)

Cite this

Siadati, H., Nguyen, T., & Memon, N. (2017). X-Platform phishing: Abusing trust for targeted attacks short paper. In Financial Cryptography and Data Security - FC 2017 International Workshops, WAHC, BITCOIN, VOTING, WTSC, and TA, Revised Selected Papers (Vol. 10323 LNCS, pp. 587-596). (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 10323 LNCS). Springer Verlag. https://doi.org/10.1007/978-3-319-70278-0_37

X-Platform phishing : Abusing trust for targeted attacks short paper. / Siadati, Hossein; Nguyen, Toan; Memon, Nasir.

Financial Cryptography and Data Security - FC 2017 International Workshops, WAHC, BITCOIN, VOTING, WTSC, and TA, Revised Selected Papers. Vol. 10323 LNCS Springer Verlag, 2017. p. 587-596 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 10323 LNCS).

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Siadati, H, Nguyen, T & Memon, N 2017, X-Platform phishing: Abusing trust for targeted attacks short paper. in Financial Cryptography and Data Security - FC 2017 International Workshops, WAHC, BITCOIN, VOTING, WTSC, and TA, Revised Selected Papers. vol. 10323 LNCS, Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), vol. 10323 LNCS, Springer Verlag, pp. 587-596, 21st International Workshops on Financial Cryptography and Data Security, FC 2017 held in conjuction with 5th Workshop on Encrypted Computing and Applied Homomorphic Cryptography, WAHC 2017, 4th Workshop on Bitcoin and Blockchain Research, BITCOIN 2017, 2nd Workshop on Advances in Secure Electronic Voting Schemes, VOTING 2017, 1st Workshop on Trusted Smart Contracts, WTSC 2017 and 1st Workshop on Targeted Attacks, TA 2017, Sliema, Malta, 4/7/17. https://doi.org/10.1007/978-3-319-70278-0_37
Siadati H, Nguyen T, Memon N. X-Platform phishing: Abusing trust for targeted attacks short paper. In Financial Cryptography and Data Security - FC 2017 International Workshops, WAHC, BITCOIN, VOTING, WTSC, and TA, Revised Selected Papers. Vol. 10323 LNCS. Springer Verlag. 2017. p. 587-596. (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)). https://doi.org/10.1007/978-3-319-70278-0_37
Siadati, Hossein ; Nguyen, Toan ; Memon, Nasir. / X-Platform phishing : Abusing trust for targeted attacks short paper. Financial Cryptography and Data Security - FC 2017 International Workshops, WAHC, BITCOIN, VOTING, WTSC, and TA, Revised Selected Papers. Vol. 10323 LNCS Springer Verlag, 2017. pp. 587-596 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)).
@inproceedings{efcad0a41c68456a98253f7f0124ee33,
title = "X-Platform phishing: Abusing trust for targeted attacks short paper",
abstract = "The goal of anti-phishing techniques is to reduce the delivery rate of phishemails, and anti-phishing training aims to decrease the phishing click-through rates. This paper presents the X-Platform Phishing Attack, a deceptive phishing attack with an alarmingly high delivery and click-through rates, and highlights a subclass of phishing attacks that existing anti-phishing methods do not seem to be able to address. The main characteristic of this attack is that an attacker is able to embed a malicious link within a legitimate message generated by service providers (e.g., Github, Google, Amazon) and sends it using their infrastructure to his targets. This technique results in the bypassing of existing anti-phishing filters because it utilizes reputable service providers to generate seemingly legitimate emails. This also makes it highly likely for the targets of the attack to click on the phishing link as the email id of a legitimate provider is being used. An X-Platform Phishing attack can use email-based messaging and notification mechanisms such as friend requests, membership invitations, status updates, and customizable gift cards to embed and deliver phishing links to their targets. We have tested the delivery and click-through rates of this attack experimentally, based on a customized phishing email tunneled through GitHub’s pull-request mechanism. We observed that 100{\%} of X-Platform Phishing emails passed the anti-phishing systems and were delivered to the inbox of the target subjects. All of the participants clicked on phishing messages, and in some cases, forwarded the message to other project collaborators who also clicked on the phishing links.",
keywords = "Cross-platform attack, Phishing, Targeted attack",
author = "Hossein Siadati and Toan Nguyen and Nasir Memon",
year = "2017",
month = "1",
day = "1",
doi = "10.1007/978-3-319-70278-0_37",
language = "English (US)",
isbn = "9783319702773",
volume = "10323 LNCS",
series = "Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)",
publisher = "Springer Verlag",
pages = "587--596",
booktitle = "Financial Cryptography and Data Security - FC 2017 International Workshops, WAHC, BITCOIN, VOTING, WTSC, and TA, Revised Selected Papers",
address = "Germany",

}

TY - GEN

T1 - X-Platform phishing

T2 - Abusing trust for targeted attacks short paper

AU - Siadati, Hossein

AU - Nguyen, Toan

AU - Memon, Nasir

PY - 2017/1/1

Y1 - 2017/1/1

N2 - The goal of anti-phishing techniques is to reduce the delivery rate of phishemails, and anti-phishing training aims to decrease the phishing click-through rates. This paper presents the X-Platform Phishing Attack, a deceptive phishing attack with an alarmingly high delivery and click-through rates, and highlights a subclass of phishing attacks that existing anti-phishing methods do not seem to be able to address. The main characteristic of this attack is that an attacker is able to embed a malicious link within a legitimate message generated by service providers (e.g., Github, Google, Amazon) and sends it using their infrastructure to his targets. This technique results in the bypassing of existing anti-phishing filters because it utilizes reputable service providers to generate seemingly legitimate emails. This also makes it highly likely for the targets of the attack to click on the phishing link as the email id of a legitimate provider is being used. An X-Platform Phishing attack can use email-based messaging and notification mechanisms such as friend requests, membership invitations, status updates, and customizable gift cards to embed and deliver phishing links to their targets. We have tested the delivery and click-through rates of this attack experimentally, based on a customized phishing email tunneled through GitHub’s pull-request mechanism. We observed that 100% of X-Platform Phishing emails passed the anti-phishing systems and were delivered to the inbox of the target subjects. All of the participants clicked on phishing messages, and in some cases, forwarded the message to other project collaborators who also clicked on the phishing links.

AB - The goal of anti-phishing techniques is to reduce the delivery rate of phishemails, and anti-phishing training aims to decrease the phishing click-through rates. This paper presents the X-Platform Phishing Attack, a deceptive phishing attack with an alarmingly high delivery and click-through rates, and highlights a subclass of phishing attacks that existing anti-phishing methods do not seem to be able to address. The main characteristic of this attack is that an attacker is able to embed a malicious link within a legitimate message generated by service providers (e.g., Github, Google, Amazon) and sends it using their infrastructure to his targets. This technique results in the bypassing of existing anti-phishing filters because it utilizes reputable service providers to generate seemingly legitimate emails. This also makes it highly likely for the targets of the attack to click on the phishing link as the email id of a legitimate provider is being used. An X-Platform Phishing attack can use email-based messaging and notification mechanisms such as friend requests, membership invitations, status updates, and customizable gift cards to embed and deliver phishing links to their targets. We have tested the delivery and click-through rates of this attack experimentally, based on a customized phishing email tunneled through GitHub’s pull-request mechanism. We observed that 100% of X-Platform Phishing emails passed the anti-phishing systems and were delivered to the inbox of the target subjects. All of the participants clicked on phishing messages, and in some cases, forwarded the message to other project collaborators who also clicked on the phishing links.

KW - Cross-platform attack

KW - Phishing

KW - Targeted attack

UR - http://www.scopus.com/inward/record.url?scp=85035090621&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85035090621&partnerID=8YFLogxK

U2 - 10.1007/978-3-319-70278-0_37

DO - 10.1007/978-3-319-70278-0_37

M3 - Conference contribution

AN - SCOPUS:85035090621

SN - 9783319702773

VL - 10323 LNCS

T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

SP - 587

EP - 596

BT - Financial Cryptography and Data Security - FC 2017 International Workshops, WAHC, BITCOIN, VOTING, WTSC, and TA, Revised Selected Papers

PB - Springer Verlag

ER -