Community Targeted Phishing

A Middle Ground Between Massive and Spear Phishing Through Natural Language Generation

Alberto Giaretta*, Nicola Dragoni

*Corresponding author for this work

Research output: Chapter in Book/Report/Conference proceedingArticle in proceedingsResearchpeer-review

Abstract

Looking at today phishing panorama, we are able to identify two diametrically opposed approaches. On the one hand, massive phishing targets as many people as possible with generic and preformed texts. On the other hand, spear phishing targets high-value victims with hand-crafted emails. While nowadays these two worlds partially intersect, we envision a future where Natural Language Generation (NLG) techniques will enable attackers to target populous communities with machine-tailored emails. In this paper, we introduce what we call Community Targeted Phishing (CTP), alongside with some workflows that exhibit how NLG techniques can craft such emails. Furthermore, we show how Advanced NLG techniques could provide phishers new powerful tools to bring up to the surface new information from complex data-sets, and use such information to threaten victims’ private data.

Original languageEnglish
Title of host publicationProceedings of 6th International Conference in Software Engineering for Defence Applications - SEDA 2018
EditorsPaolo Ciancarini, Manuel Mazzara, Angelo Messina, Alberto Sillitti, Giancarlo Succi
PublisherSpringer
Publication date1 Jan 2020
Pages86-93
ISBN (Print)9783030146863
DOIs
Publication statusPublished - 1 Jan 2020
Event6th International Conference in Software Engineering for Defence Applications, SEDA 2018 - Rome, Italy
Duration: 7 Jun 20188 Jun 2018

Conference

Conference6th International Conference in Software Engineering for Defence Applications, SEDA 2018
CountryItaly
CityRome
Period07/06/201808/06/2018
SeriesAdvances in Intelligent Systems and Computing
Volume925
ISSN2194-5357

Keywords

  • Natural Language Generation
  • NLG
  • Phishing
  • Security

Cite this

Giaretta, A., & Dragoni, N. (2020). Community Targeted Phishing: A Middle Ground Between Massive and Spear Phishing Through Natural Language Generation. In P. Ciancarini, M. Mazzara, A. Messina, A. Sillitti, & G. Succi (Eds.), Proceedings of 6th International Conference in Software Engineering for Defence Applications - SEDA 2018 (pp. 86-93). Springer. Advances in Intelligent Systems and Computing, Vol.. 925 https://doi.org/10.1007/978-3-030-14687-0_8
Giaretta, Alberto ; Dragoni, Nicola. / Community Targeted Phishing : A Middle Ground Between Massive and Spear Phishing Through Natural Language Generation. Proceedings of 6th International Conference in Software Engineering for Defence Applications - SEDA 2018. editor / Paolo Ciancarini ; Manuel Mazzara ; Angelo Messina ; Alberto Sillitti ; Giancarlo Succi. Springer, 2020. pp. 86-93 (Advances in Intelligent Systems and Computing, Vol. 925).
@inproceedings{f946a9d4ec424f0db73cc7f4378b0cbe,
title = "Community Targeted Phishing: A Middle Ground Between Massive and Spear Phishing Through Natural Language Generation",
abstract = "Looking at today phishing panorama, we are able to identify two diametrically opposed approaches. On the one hand, massive phishing targets as many people as possible with generic and preformed texts. On the other hand, spear phishing targets high-value victims with hand-crafted emails. While nowadays these two worlds partially intersect, we envision a future where Natural Language Generation (NLG) techniques will enable attackers to target populous communities with machine-tailored emails. In this paper, we introduce what we call Community Targeted Phishing (CTP), alongside with some workflows that exhibit how NLG techniques can craft such emails. Furthermore, we show how Advanced NLG techniques could provide phishers new powerful tools to bring up{\^A} to the surface new information from complex data-sets, and use such information to threaten victims’ private data.",
keywords = "Natural Language Generation, NLG, Phishing, Security",
author = "Alberto Giaretta and Nicola Dragoni",
year = "2020",
month = "1",
day = "1",
doi = "10.1007/978-3-030-14687-0_8",
language = "English",
isbn = "9783030146863",
pages = "86--93",
editor = "Paolo Ciancarini and Manuel Mazzara and Angelo Messina and Alberto Sillitti and Giancarlo Succi",
booktitle = "Proceedings of 6th International Conference in Software Engineering for Defence Applications - SEDA 2018",
publisher = "Springer",

}

Giaretta, A & Dragoni, N 2020, Community Targeted Phishing: A Middle Ground Between Massive and Spear Phishing Through Natural Language Generation. in P Ciancarini, M Mazzara, A Messina, A Sillitti & G Succi (eds), Proceedings of 6th International Conference in Software Engineering for Defence Applications - SEDA 2018. Springer, Advances in Intelligent Systems and Computing, vol. 925, pp. 86-93, 6th International Conference in Software Engineering for Defence Applications, SEDA 2018, Rome, Italy, 07/06/2018. https://doi.org/10.1007/978-3-030-14687-0_8

Community Targeted Phishing : A Middle Ground Between Massive and Spear Phishing Through Natural Language Generation. / Giaretta, Alberto; Dragoni, Nicola.

Proceedings of 6th International Conference in Software Engineering for Defence Applications - SEDA 2018. ed. / Paolo Ciancarini; Manuel Mazzara; Angelo Messina; Alberto Sillitti; Giancarlo Succi. Springer, 2020. p. 86-93 (Advances in Intelligent Systems and Computing, Vol. 925).

Research output: Chapter in Book/Report/Conference proceedingArticle in proceedingsResearchpeer-review

TY - GEN

T1 - Community Targeted Phishing

T2 - A Middle Ground Between Massive and Spear Phishing Through Natural Language Generation

AU - Giaretta, Alberto

AU - Dragoni, Nicola

PY - 2020/1/1

Y1 - 2020/1/1

N2 - Looking at today phishing panorama, we are able to identify two diametrically opposed approaches. On the one hand, massive phishing targets as many people as possible with generic and preformed texts. On the other hand, spear phishing targets high-value victims with hand-crafted emails. While nowadays these two worlds partially intersect, we envision a future where Natural Language Generation (NLG) techniques will enable attackers to target populous communities with machine-tailored emails. In this paper, we introduce what we call Community Targeted Phishing (CTP), alongside with some workflows that exhibit how NLG techniques can craft such emails. Furthermore, we show how Advanced NLG techniques could provide phishers new powerful tools to bring up to the surface new information from complex data-sets, and use such information to threaten victims’ private data.

AB - Looking at today phishing panorama, we are able to identify two diametrically opposed approaches. On the one hand, massive phishing targets as many people as possible with generic and preformed texts. On the other hand, spear phishing targets high-value victims with hand-crafted emails. While nowadays these two worlds partially intersect, we envision a future where Natural Language Generation (NLG) techniques will enable attackers to target populous communities with machine-tailored emails. In this paper, we introduce what we call Community Targeted Phishing (CTP), alongside with some workflows that exhibit how NLG techniques can craft such emails. Furthermore, we show how Advanced NLG techniques could provide phishers new powerful tools to bring up to the surface new information from complex data-sets, and use such information to threaten victims’ private data.

KW - Natural Language Generation

KW - NLG

KW - Phishing

KW - Security

U2 - 10.1007/978-3-030-14687-0_8

DO - 10.1007/978-3-030-14687-0_8

M3 - Article in proceedings

SN - 9783030146863

SP - 86

EP - 93

BT - Proceedings of 6th International Conference in Software Engineering for Defence Applications - SEDA 2018

A2 - Ciancarini, Paolo

A2 - Mazzara, Manuel

A2 - Messina, Angelo

A2 - Sillitti, Alberto

A2 - Succi, Giancarlo

PB - Springer

ER -

Giaretta A, Dragoni N. Community Targeted Phishing: A Middle Ground Between Massive and Spear Phishing Through Natural Language Generation. In Ciancarini P, Mazzara M, Messina A, Sillitti A, Succi G, editors, Proceedings of 6th International Conference in Software Engineering for Defence Applications - SEDA 2018. Springer. 2020. p. 86-93. (Advances in Intelligent Systems and Computing, Vol. 925). https://doi.org/10.1007/978-3-030-14687-0_8