Community Targeted Phishing: A Middle Ground Between Massive and Spear Phishing Through Natural Language Generation

Alberto Giaretta*, Nicola Dragoni

*Corresponding author for this work

Research output: Chapter in Book/Report/Conference proceedingArticle in proceedingsResearchpeer-review

Abstract

Looking at today phishing panorama, we are able to identify two diametrically opposed approaches. On the one hand, massive phishing targets as many people as possible with generic and preformed texts. On the other hand, spear phishing targets high-value victims with hand-crafted emails. While nowadays these two worlds partially intersect, we envision a future where Natural Language Generation (NLG) techniques will enable attackers to target populous communities with machine-tailored emails. In this paper, we introduce what we call Community Targeted Phishing (CTP), alongside with some workflows that exhibit how NLG techniques can craft such emails. Furthermore, we show how Advanced NLG techniques could provide phishers new powerful tools to bring up to the surface new information from complex data-sets, and use such information to threaten victims’ private data.

Original languageEnglish
Title of host publicationProceedings of 6th International Conference in Software Engineering for Defence Applications - SEDA 2018
EditorsPaolo Ciancarini, Manuel Mazzara, Angelo Messina, Alberto Sillitti, Giancarlo Succi
PublisherSpringer
Publication date1 Jan 2020
Pages86-93
ISBN (Print)9783030146863
DOIs
Publication statusPublished - 1 Jan 2020
Event6th International Conference in Software Engineering for Defence Applications, SEDA 2018 - Rome, Italy
Duration: 7 Jun 20188 Jun 2018

Conference

Conference6th International Conference in Software Engineering for Defence Applications, SEDA 2018
CountryItaly
CityRome
Period07/06/201808/06/2018
SeriesAdvances in Intelligent Systems and Computing
Volume925
ISSN2194-5357

Keywords

  • Natural Language Generation
  • NLG
  • Phishing
  • Security

Cite this

Giaretta, A., & Dragoni, N. (2020). Community Targeted Phishing: A Middle Ground Between Massive and Spear Phishing Through Natural Language Generation. In P. Ciancarini, M. Mazzara, A. Messina, A. Sillitti, & G. Succi (Eds.), Proceedings of 6th International Conference in Software Engineering for Defence Applications - SEDA 2018 (pp. 86-93). Springer. Advances in Intelligent Systems and Computing, Vol.. 925 https://doi.org/10.1007/978-3-030-14687-0_8