
Online Social Network Phishing Attack

  • Living reference work entry
Encyclopedia of Social Network Analysis and Mining

Synonyms

Scamming

Glossary

Social Engineering Attacks:

Attacks that rely on the psychological manipulation of the chosen victim

Spam:

A very large volume of copies of the same message sent to an extremely large number of recipients

DNS Hijacking/DNS Redirection:

The practice of redirecting the resolution of Domain Name System (DNS) names to other DNS servers

Definition

Phishing is a kind of attack in which an attacker attempts to steal sensitive information. The technique is to lead the victim to provide the information voluntarily, under the pretence that it is requested by a legitimate source. Phishing attacks are usually motivated by the intention of stealing personal credit card or personal bank account details via e-mail, but they are also used for many other purposes, depending on the situation and the needs of the phisher. Social network phishing is the technique of stealing users' log-in and other sensitive personal information on online social network sites.

Introduction

Millions of...




Corresponding author

Correspondence to Tzouramanis Theodoros.


Copyright information

© 2017 Springer Science+Business Media LLC

About this entry

Cite this entry

Theodoros, T., Loukas, K. (2017). Online Social Network Phishing Attack. In: Alhajj, R., Rokne, J. (eds) Encyclopedia of Social Network Analysis and Mining. Springer, New York, NY. https://doi.org/10.1007/978-1-4614-7163-9_348-1


  • DOI: https://doi.org/10.1007/978-1-4614-7163-9_348-1


  • Publisher Name: Springer, New York, NY

  • Print ISBN: 978-1-4614-7163-9

  • Online ISBN: 978-1-4614-7163-9

  • eBook Packages: Springer Reference Computer Sciences; Reference Module Computer Science and Engineering
