Fraudulent E-mails Rich with Information Aid Success to Phishing Scams, Finds Study
Researchers from New York situated University at Buffalo recently commissioned a study which revealed that e-mails 'rich with information' and capable of changing cognitive processes of the recipients most commonly aided victory to phishing campaigns, published net-security.org, January 26, 2015.
E-mails rich-with-information imply provision of graphics and logos inside the messages that recipients can recognize. Alongside this, the message body that's meticulously framed for giving a personal touch, use of fear-instilling language as well as a deadline by when reply to the e-mail should be made complete the winning recipe.
According to Professor of Communication Arun Vishwanath at University at Buffalo, who's also co-author of the research, the described e-mail lures prove effective since they make the victim think he has a social presence i.e. he's interacting with an individual of flesh-and-blood. Ecnmag.com published this, January 23, 2015.
Prof. Vishwanath continues that the social presence gives the e-mail an increased personal touch, lessens mistrust as also incites heuristic processing that's accompanied with minimal caution during assessing and answering it. Within such circumstances, the researchers discovered that when an e-mail solicits personal information, the public shows a greater readiness for providing it, he explains.
He further states the study found the kind of information-rich phishing e-mail yielded a 68% rate of victimization.
The findings are significant which suggest the necessity for devising anti-phishing interventions which create awareness among people regarding threat from e-mails that are rich as also have presence cues, Prof. Vishwanath elaborates.
Nobody is invulnerable to the said cyber-assaults. Not firms with the highest technology like Yahoo or Apple ever-since online-attackers lately exploited their security flaws. So aren't advanced national networks like Israel's which was hacked via one phishing assault wherein e-mail posing as message from the country's internal security agency Shin Bet served a fake Portable Document File (PDF) that allowed hackers to invade the defense network of the agency.
The UAB research queried 125 undergraduate students, e-mailing them one simulated phishing message sent out from one Gmail A/c that was made ready for utilization during another research at University of Hawaii, USA held 48th Hawaii International Conference on System Sciences, January 5-8, 2015.