Litcius/Paper detail

Scamming higher ed: An analysis of phishing content and trends

Ethan Morrow

2024Computers in Human Behavior19 citationsDOIOpen Access PDF

Abstract

Universities are frequent targets of cyberattacks. This investigation seeks to explore common phishing techniques targeting institutions of higher education. This study analyzes the content and message features of a sample of 2,300 emails from 2010 to 2023 collected from Cornell’s Phish Bowl, including topics, persuasive appeals, emotional appeals, and spelling errors. Using analyses of association and text mining, the work maps out changes in phishing trends over time. One major finding is that security-focused phish have been replaced by those attempting to reflect routine university life, such as job offer scams. Additionally, this study identifies authority and scarcity as common persuasive appeals in phishing attempts and demonstrates a decrease in spelling errors over time. These findings have practical implications for cybersecurity training and awareness. They may also guide future work seeking to determine user susceptibility to phishing by providing insight into frequent attacks.

Topics & Concepts

PhishingSpellingInternet privacyWork (physics)Computer scienceScarcityWorld Wide WebContent analysisComputer securityPsychologyThe InternetEngineeringSociologyEconomicsMicroeconomicsMechanical engineeringLinguisticsPhilosophySocial scienceSpam and Phishing DetectionCybercrime and Law Enforcement StudiesHate Speech and Cyberbullying Detection