From fishing to phishing

Elmer Evert Hendrik Lastdrager

    Research output: Thesis › PhD Thesis - Research UT, graduation UT

    612 Downloads (Pure)


    Phishing is one of the many types of cybercrime targeting internet users. A phishing message is sent with the aim of obtaining information from a potential victim. One of the reasons phishing is popular is the connectivity that the internet provides: a message can be spread to thousands of recipients with little effort and at negligible cost. A successful phishing attack can lead to identity theft and loss of money for the victims. When an organisation is targeted, phishing can lead to, among other things, compromised network security and stolen intellectual property.

    Phishing is highly scalable. On the other side of the scalability spectrum are less scalable modus operandi. We categorise less scalable methods as “fishing for information”. In this thesis, we aim to explore the spectrum of scalability. This thesis uses a socio-technical approach, describing both experiments and technical perspectives on “fishing” and phishing.

    This thesis starts by exploring definitions of phishing in the literature and analysing their concepts. This provides us with a foundation of what constitutes phishing. Following on from the definition, we explore two modus operandi that are less scalable than phishing, using USB keys and QR codes. We focus on measuring attack effectiveness on the boundary between the physical world (i.e., objects on the floor) and the digital world (i.e., getting a computer virus). By quantifying the effectiveness of an attack using experiments, we investigate the feasibility of less scalable attacks. Then, we investigate the thought patterns that potential victims use to assess a phishing email. These thought patterns, or heuristics, determine whether a recipient of phishing becomes a victim or not. Knowledge of people’s thought patterns can be used to improve user training. Subsequently, we created an anti-phishing training to be provided to children. We show that training children is feasible and increases their ability to detect phishing in the short term.

    Finally, we performed a large-scale analysis of phishing emails in the Netherlands. We discuss patterns in terms of both attacker behaviour and recipient behaviour. Our results demonstrate the effectiveness of phishing with different degrees of scalability. Less scalable methods of attack require more effort on the part of the attacker, but provide higher effectiveness. More scalable attacks provide lower success rates, but require less effort than less scalable attacks. The contributions in this thesis allow researchers and security professionals to better understand the dynamic nature of phishing.
    Original language: English
    Qualification: Doctor of Philosophy
    Awarding institution:
    • University of Twente
    Supervisors:
    • Hartel, Pieter Hendrik, Supervisor
    • Junger, Marianne, Supervisor
    Award date: 9 Feb 2018
    Place of publication: Enschede
    Print ISBNs: 978-90-365-4479-5
    Publication status: Published - 9 Feb 2018

