
2016 | Book

Understanding Social Engineering Based Scams


About this book

This book describes trends in email scams and offers tools and techniques to identify such trends. It also describes automated countermeasures based on an understanding of the type of persuasive methods used by scammers. It reviews both consumer-facing scams and enterprise scams, describing in-depth case studies relating to Craigslist scams and Business Email Compromise Scams. This book provides a good starting point for practitioners, decision makers and researchers in that it includes alternatives and complementary tools to the currently deployed email security tools, with a focus on understanding the metrics of scams. Both professionals working in security and advanced-level students interested in privacy or applications of computer science will find this book a useful reference.

Table of Contents

Frontmatter
Chapter 1. Scams and Targeting
Abstract
This short chapter focuses on targeting. Targeting increases the yield of attacks, i.e., the response rate. Targeting also reduces the efficacy of spam filters and related technologies, and as such, vastly improves the profits scammers reap. We overview how to estimate the yield of attacks, and how to identify scams that are likely to become more common.
Markus Jakobsson

Identifying Trends

Frontmatter
Chapter 2. Identifying Scams and Trends
Abstract
This chapter focuses on the taxonomy of scam emails collected from various sources and investigates long-term trends in scam emails. We first describe a large-scale compendium of scam emails collected from various sources, and then present an analysis regarding what kind of scams exist, what their structures are, and how they are related to each other. We then describe a machine learning classifier built based upon the taxonomy analysis, and use it to cluster scam emails into major scam categories. Then an analysis of different trends from each scam category is presented. Our analysis shows a clear trend that spam-like non-targeted scams are decreasing continuously while targeted scams with specific victims have been getting more prevalent over the last 10 years.
Damon McCoy, Youngsam Park, Elaine Shi, Markus Jakobsson
Chapter 3. Predicting Trends
Abstract
Being able to identify likely trends is the core of building better countermeasures. This chapter describes a light-weight approach to identifying differences in user vulnerabilities. That allows us to quantify vulnerabilities before they are actively abused. By being able to anticipate what fraudsters will be likely to do eventually, it is possible to build countermeasures that address big open vulnerabilities.
Ting-Fang Yen, Markus Jakobsson

Why Do People Fall for Scams?

Frontmatter
Chapter 4. Persuasion in Scams
Abstract
This chapter identifies and analyzes trends in the terms and expressions used in the content of scam emails and associates those with the principles of human persuasion that they integrate. We discuss and compare both the terms and principles used over time within a sample of scam emails collected between 2006 and 2014. Our analyses show that different scam email categories use various principles of persuasion and that it is possible to observe distinct trends in their usage. We argue that with a better understanding of how scammers work at a psychological level, one could devise new techniques to detect persuasion in scam emails and build tools that more closely emulate human interaction with those emails.
Ana Ferreira, Markus Jakobsson

Filtering Technology

Frontmatter
Chapter 5. Traditional Countermeasures to Unwanted Email
Abstract
This chapter delivers an overview of traditional mechanisms to detect and stop unwanted emails. These mechanisms include email authentication (e.g., DKIM, SPF, DMARC), blacklisting (e.g., DNSBL), and content-based spam filtering (e.g., Naive Bayes Classifier). We explain the extent to which they can be useful to block scam, and point out evasion techniques that help spammers and scammers survive.
Hossein Siadati, Sima Jafarikhah, Markus Jakobsson
Chapter 6. Obfuscation in Spam and Scam
Abstract
In this chapter, we demonstrate a vulnerability in existing content-based message filtering methods, showing how an attacker can use a simple obfuscator to modify any message to a homograph version of the same message, thereby avoiding digest and signature based detection methods. We measure the success of this potential attack, showing a total success against Hotmail, Gmail and Yahoo mail. While the attack is bothersome both in terms of its simplicity and its success, it is also easily countered. We describe some computationally practical countermeasures.
Mayank Dhiman, Ting-Fang Yen, Markus Jakobsson
Chapter 7. Semantic Analysis of Messages
Abstract
This chapter describes a novel content-based detection method based on the semantics—or meaning—of messages. This is a powerful tool since scammers commonly change formulations but rarely change storylines. We use examples related to the stranded traveler scam, which is a common result of account take-overs, whether of email or of Facebook accounts. We note that the same methods can be applied to an array of other types of scams—in fact, all but scams employing extremely short messages and those that do not rely on a fixed storyline, such as some classes of romance scams (see Chap. 10).
Markus Jakobsson

Understanding the Problem Starts with Measuring It

Frontmatter
Chapter 8. Case Study: Sales Scams
Abstract
This chapter focuses on a common type of consumer-facing scam referred to as the sales scam, focusing on the scam’s occurrence on Craigslist, one of the most popular online market websites, with over 60 million monthly visitors in the U.S. alone. In spite of the prevalence of scams on Craigslist, the community’s understanding of these is still very much lacking, and in this chapter and the two chapters following it, we present in-depth measurement studies of such scam activities. These measurement studies aim to better understand the underground economy of scams on Craigslist, and seek effective intervention points. In particular, we seek to address questions such as “Where are scammers located?”, “How do scam factories operate?”, and “How effective are current defenses?”. While the answers certainly do not translate to all types of scams—not even all those on Craigslist—they provide interesting insights into the problem and show how to design metrics to assess its nature.
Damon McCoy, Youngsam Park, Elaine Shi, Markus Jakobsson
Chapter 9. Case Study: Rental Scams
Abstract
In this chapter, a systematic empirical study of the online rental scams on Craigslist and its ecosystem is presented. By developing several effective detection techniques, several major rental scam campaigns on Craigslist were identified. In addition, a system was built to automatically contact suspected rental scammers, which enabled us to understand what support infrastructure they used and how they were monetizing their postings.
Damon McCoy, Youngsam Park, Elaine Shi, Markus Jakobsson
Chapter 10. Case Study: Romance Scams
Abstract
This chapter describes the romance scam, and an experiment performed to establish metrics around it, including a data collection tool we refer to as the simulated spam filter. We find that while traditional romance scams still account for the large majority of romance scam messages, affiliate marketing scams are increasingly becoming dominant in online dating sites. This type of scam attempts to lure the victim to third-party sites, often promising profile pictures or, under the pretense of identity validation, phishing for the victim’s credit card number. Our simulated spam filter study further shows that around 2 % of the scammers will click on links included in our auto-response emails, and that 5 % reply to our auto-response emails. Our results shed light on the extent to which romance scam operations are automated, and the approximate geographic location of the scammers.
Ting-Fang Yen, Markus Jakobsson
Chapter 11. Case Study: Business Email Compromise
Abstract
This chapter looks at Business Email Compromise, first describing the structure of common aspects of this scam, and then turning to countermeasures. It is worth noting that many other scams have related structures—for example, scammers commonly use stolen accounts for both Business Email Compromise scams and for Stranded Traveler scams (discussed in Chap. 7). Similarly, just as Business Email Compromise scams commonly use spoofing or masquerading using cousin-name domains, many Trojan Horse distribution campaigns masquerade as trusted senders to convince an intended victim to perform actions intended to infect his or her computer.
Markus Jakobsson

Conclusion

Frontmatter
Chapter 12. Conclusion and Next Steps
Abstract
Scam developments and scam countermeasures are both in constant flux, with one reacting to the other. As scammers identify a new human or technical weakness, they change their techniques. This, in turn, refocuses the efforts of scam researchers and practitioners, and drives entrepreneurs to identify new techniques to provide protection. Scammers, in turn, temporarily retreat, try new methods, and modify and augment their approaches. This is not going to end.
Markus Jakobsson
Backmatter
Metadata
Title
Understanding Social Engineering Based Scams
Editor
Markus Jakobsson
Copyright Year
2016
Publisher
Springer New York
Electronic ISBN
978-1-4939-6457-4
Print ISBN
978-1-4939-6455-0
DOI
https://doi.org/10.1007/978-1-4939-6457-4
