Phish What You Wish

Gadient, Pascal; Gerig, Pascal; Nierstrasz, Oscar; Ghafari, Mohammad (December 2021). Phish What You Wish. In: 21st IEEE International Conference on Software Quality, Reliability, and Security (QRS). Hainan, China and virtuell. December 6 and 10, 2021. 10.1109/QRS54544.2021.00113

[img]
Preview
Text
Gadi21b.pdf - Accepted Version
Available under License Publisher holds Copyright.

Download (354kB) | Preview

IT professionals have no simple tool to create phishing websites and raise the awareness of users. We developed a prototype that can dynamically mimic websites by using enriched screenshots, which requires no additional programming experience and is simple to set up. The generated websites are functional and remain up-to-date. We found that 98 of the hyperlinks in mimicked websites are functional with our tool, compared to 43 with the best competitor, and only two participants suspected phishing attempts at the time they were performing tasks with our prototype. This work intends to raise awareness for phishing attempts especially with local websites by providing an easy to use prototype to set up such phishing sites.

Item Type:

Conference or Workshop Item (Paper)

Division/Institute:

08 Faculty of Science > Institute of Computer Science (INF)
08 Faculty of Science > Institute of Computer Science (INF) > Software Composition Group (SCG) [discontinued]

UniBE Contributor:

Gadient, Pascal Josef, Gerig, Pascal Dominik, Nierstrasz, Oscar, Ghafari, Mohammad

Subjects:

000 Computer science, knowledge & systems

Language:

English

Submitter:

Oscar Nierstrasz

Date Deposited:

22 Feb 2022 15:06

Last Modified:

26 Jul 2023 10:50

Publisher DOI:

10.1109/QRS54544.2021.00113

Uncontrolled Keywords:

scg-pub security snf-asa3 scg21 jb22 MISSING-DOI

BORIS DOI:

10.48350/165142

URI:

https://boris.unibe.ch/id/eprint/165142

Actions (login required)

Edit item Edit item
Provide Feedback