Living in a Spamster's Paradise: Deceit and Threats in Phishing Emails

Masaryk University Journal of Law and Technology Pub Date : 2019-06-30 DOI:10.5817/MUJLT2019-1-3

Kristjan Kikerpill, A. Siibak

{"title":"Living in a Spamster's Paradise: Deceit and Threats in Phishing Emails","authors":"Kristjan Kikerpill, A. Siibak","doi":"10.5817/MUJLT2019-1-3","DOIUrl":null,"url":null,"abstract":"The prevalence of using email as a communication tool for personal and professional purposes makes it a significant attack vector for cybercriminals. Consensus exists that phishing, i.e. use of socially engineered messages to convince recipients into performing actions that benefit the sender, is widespread as a negative phenomenon. However, little is known about its true extent from a criminal law perspective. Similar to how the treatment of phishing in a generic manner does not adequately inform the relevant law, a case-by-case legal analysis of seemingly independent offences would not reveal the true scale and extent of phishing as a social phenomenon. The current research addresses this significant gap in the literature. To study this issue, a qualitative text analysis was performed on (N=42) emails collected over a 30-day period from two email accounts. Secondly, the phishing emails were analysed from an Estonian criminal law perspective. The legal analysis shows that in the period of only one month, the accounts received what amounts to 3 instances of extortion, 29 fraud attempts and 10 cases of personal data processing related misdemeanour offences.","PeriodicalId":38294,"journal":{"name":"Masaryk University Journal of Law and Technology","volume":" ","pages":""},"PeriodicalIF":0.0000,"publicationDate":"2019-06-30","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"8","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Masaryk University Journal of Law and Technology","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.5817/MUJLT2019-1-3","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 8

Abstract

The prevalence of using email as a communication tool for personal and professional purposes makes it a significant attack vector for cybercriminals. Consensus exists that phishing, i.e. use of socially engineered messages to convince recipients into performing actions that benefit the sender, is widespread as a negative phenomenon. However, little is known about its true extent from a criminal law perspective. Similar to how the treatment of phishing in a generic manner does not adequately inform the relevant law, a case-by-case legal analysis of seemingly independent offences would not reveal the true scale and extent of phishing as a social phenomenon. The current research addresses this significant gap in the literature. To study this issue, a qualitative text analysis was performed on (N=42) emails collected over a 30-day period from two email accounts. Secondly, the phishing emails were analysed from an Estonian criminal law perspective. The legal analysis shows that in the period of only one month, the accounts received what amounts to 3 instances of extortion, 29 fraud attempts and 10 cases of personal data processing related misdemeanour offences.

查看原文

微信好友朋友圈 QQ好友复制链接

本刊更多论文

生活在垃圾邮件发送者的天堂:网络钓鱼邮件中的欺骗和威胁

使用电子邮件作为个人和专业目的的通信工具的流行使其成为网络罪犯的重要攻击媒介。网络钓鱼是一种普遍存在的负面现象，即利用社会工程信息来说服收件人采取有利于发件人的行动。然而，从刑法的角度来看，其真实程度却鲜为人知。就像笼统地对待网络钓鱼并不能充分告知相关法律一样，对看似独立的违法行为进行个案法律分析也无法揭示网络钓鱼作为一种社会现象的真正规模和程度。目前的研究解决了这一文献中的重大空白。为了研究这个问题，我们对从两个电子邮件帐户收集的30天内的(N=42)封电子邮件进行了定性文本分析。其次，从爱沙尼亚刑法的角度对网络钓鱼邮件进行分析。法律分析显示，在短短一个月的时间内，这些账户收到了3起勒索案件、29起欺诈企图和10起与个人资料处理有关的轻罪案件。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文去求助

来源期刊

Masaryk University Journal of Law and Technology Social Sciences-Law

CiteScore

1.00

自引率

0.00%

发文量