In this paper we employ quantitative measurements of cognitive vulnerability triggers in phishing emails to predict the degree of success of an attack. To achieve this we rely on the cognitive psychology literature and develop an automated and fully quantitative method based on machine learning and econometrics to construct a triaging mechanism built around the cognitive features of a phishing email; we showcase our approach relying on data from the anti-phishing division of a large financial organization in Europe. Our evaluation shows empirically that an effective triaging mechanism for phishing success can be put in place by response teams to effectively prioritize remediation efforts (e.g. domain takedowns), by first acting on those attacks that are more likely to collect high response rates from potential victims.
|Title of host publication||Proceedings of the 28th USENIX Security Symposium|
|Number of pages||18|
|Publication status||Published - 6 May 2019|
|Event||28th Usenix Security Symposium 2019 - Santa Clara, United States|
Duration: 14 Aug 2019 → 16 Aug 2019
|Conference||28th Usenix Security Symposium 2019|
|Period||14/08/19 → 16/08/19|