MAZEPHISHING: THE COVID-19 PANDEMIC AS CREDIBLE SOCIAL CONTEXT FOR SOCIAL ENGINEERING ATTACKS
MAZEPHISHING: THE COVID-19 PANDEMIC AS CREDIBLE SOCIAL CONTEXT FOR SOCIAL ENGINEERING ATTACKS
Author(s): Kristjan Kikerpill, Andra SiibakSubject(s): Media studies, Criminology, Health and medicine and law, ICT Information and Communications Technologies
Published by: Teaduste Akadeemia Kirjastus
Keywords: social engineering; phishing; message context; salient events; social context; cybercrime; content analysis;
Summary/Abstract: The first months of the COVID-19 pandemic witnessed a surge of social engineering attacks. Although the pandemic is certainly not the first occurrence of socially disruptive circumstances that drive cybercrime, relevant academic scholarship has remained scarce. To fill this gap in literature and propose the analytical framework of mazephishing that places particular emphasis on the importance of credible social context in the online scam ecosystem, we carried out a content analysis of (N = 563) international news stories reporting on social engineering attacks. Our results indicate that criminals make heavy use of social context and impersonation to make scams seem more credible. Major themes used in the scam messages include health information, personal protective equipment, cures, financial relief and donations. Additionally, scammers diversify their use of mediums depending on the type of scam being perpetrated. Our analysis also shows a significant presence of principles of persuasion in the circulated scam attempts.
Journal: TRAMES
- Issue Year: XXV/2021
- Issue No: 4
- Page Range: 371-393
- Page Count: 23
- Language: English
