Phishing through social bots on Twitter

Authors
Publication date 2016
Host editors
  • J. Joshi
  • G. Karypis
  • L. Liu
  • X. Hu
  • R. Ak
  • Y. Xia
  • W. Xu
  • A.-H. Sato
  • S. Rachuri
  • L. Ungar
  • P.S. Yu
  • R. Govindaraju
  • T. Suzumura
Book title 2016 IEEE International Conference on Big Data
Book subtitle Dec 05-Dec 08, 2015, Washington D.C., USA : proceedings
ISBN
  • 9781467390057
ISBN (electronic)
  • 9781467390040
Event 4th IEEE International Conference on Big Data, Big Data 2016
Pages (from-to) 3703-3712
Number of pages 10
Publisher Piscataway, NJ: IEEE
Organisations
  • Faculty of Science (FNWI) - Informatics Institute (IVI)
Abstract

This work investigates how social bots can phish employees of organizations, and thus endanger corporate network security. Current literature mostly focuses on traditional phishing methods (through e-mail, phone calls, and USB sticks). We address the serious organizational threats and security risks caused by phishing through online social media, specifically through Twitter. This paper first provides a review of current work. It then describes our experimental development, in which we created and deployed eight social bots on Twitter, each associated with one specific subject. For a period of four weeks, each bot published tweets about its subject and followed people with similar interests. In the final two weeks, our experiment showed that 437 unique users could have been phished, 33 of which visited our website through the network of an organization. Without revealing any sensitive or real data, the paper analyses some findings of this experiment and addresses further plans for research in this area.
Document type Conference contribution
Language English
Published at https://doi.org/10.1109/BigData.2016.7841038
Other links https://www.scopus.com/pages/publications/85015226668
Permalink to this page
Back