Explore chapters and articles related to this topic
Data Mining – Unsupervised Learning
Published in Rakesh M. Verma, David J. Marchette, Cybersecurity Analytics, 2019
Rakesh M. Verma, David J. Marchette
An address spoofer uses the email address of a trusted sender in the From field of the header. The attacker could also spoof the name in the From field and try to match the header of an email from the trusted sender exactly, modulo the dates and times. Such an attacker could be caught by email authentication methods such as DKIM (DomainKeys Identified Mail) and DMARC (Domain-based Message Authentication, Reporting & Conformance). However, not many organizations are currently using DKIM/DMARC. The name spoofer spoofs the name in the From field, but not necessarily the email address. Since the email address is not spoofed, DKIM/DMARC cannot catch this kind of attack.
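The distinction drawn in the excerpt above can be turned into a receiver-side check. The sketch below is an added example, not code from the book: it separates address-spoof suspects (trusted address, DMARC not passing) from name-spoof suspects (trusted display name on a different address, which DMARC does not flag). The `TRUSTED` directory, the sample messages and the verdict labels are constructed for illustration.

```python
import re
import unicodedata
from email import message_from_string
from email.utils import parseaddr

# Hypothetical directory of trusted senders: normalized display name -> address.
TRUSTED = {"alice chen": "alice.chen@example.com"}

def norm_name(name):
    """Fold case, Unicode compatibility forms, punctuation and spacing."""
    name = unicodedata.normalize("NFKC", name).casefold()
    return " ".join(re.sub(r"[^\w\s]", " ", name).split())

def classify(raw_message):
    """Return a verdict label for the From header of one raw message."""
    msg = message_from_string(raw_message)
    name, addr = parseaddr(msg.get("From", ""))
    addr = addr.lower()
    # Assumption: Authentication-Results was written by our own receiving
    # MTA and any copies supplied by the sender were stripped upstream.
    m = re.search(r"\bdmarc=(\w+)", msg.get("Authentication-Results", ""))
    dmarc = m.group(1).lower() if m else "none"
    if addr in TRUSTED.values():
        # Address spoofing: only the authentication result separates
        # the real sender from a forged From address.
        return "trusted" if dmarc == "pass" else "address-spoof-suspect"
    if norm_name(name) in TRUSTED:
        # Name spoofing: the address belongs to another domain, so
        # dmarc=pass here only vouches for that other domain.
        return "name-spoof-suspect"
    return "unknown-sender"

# Constructed sample messages (not real mail).
LEGIT = ("From: Alice Chen <alice.chen@example.com>\n"
         "Authentication-Results: mx.example.org; dmarc=pass\n\nhi")
ADDRESS_SPOOF = ("From: Alice Chen <alice.chen@example.com>\n"
                 "Authentication-Results: mx.example.org; dmarc=fail\n\nhi")
NAME_SPOOF = ('From: "Alice  CHEN" <alice.chen@mail-example.test>\n'
              "Authentication-Results: mx.example.org; dmarc=pass\n\nhi")
UNKNOWN = "From: Bob <bob@other.test>\n\nhi"

if __name__ == "__main__":
    for label, raw in [("legit", LEGIT), ("address spoof", ADDRESS_SPOOF),
                       ("name spoof", NAME_SPOOF), ("unknown", UNKNOWN)]:
        print(f"{label:14} -> {classify(raw)}")
```

Exact matching on a normalized name misses reordered or lookalike names, so a production rule would add fuzzy matching against the directory.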
Employees’ Behavior in Phishing Attacks: What Individual, Organizational, and Technological Factors Matter?
Published in Journal of Computer Information Systems, 2021
Hamidreza Shahbaznezhad, Farzan Kolini, Mona Rashidirad
Although technical countermeasures such as anti-phishing and spamming tools (e.g., SPF, DKIM and DMARC), e-mail malware detection, and data loss prevention (DLP) are deployed to mitigate the risk of phishing attacks, using these technologies to detect phishing attacks remains a challenging problem. This is not least because they often require human intervention to analyze and distinguish between phishing and legitimate e-mails. Success in the battle against phishing attacks can be achieved while organizations invest in both technological and socio-organizational functions and capabilities.[5] Since the focus of phishing attacks shifts toward individuals and organizational resources, employees’ compliance with e-mail security policies and requirements has been considered as a key socio-technical capability for organizations. Organizations often deploy phishing attack simulation exercises as a means to identify vulnerable employees and provide them with required phishing training to increase their organizational awareness against commonly used phishing tactics, techniques, and procedures (TTPs). However, employees sometimes fail to apply their knowledge and awareness on phishing adequately.[6] Some organizations also develop an e-mail security policy and standard operating procedures (SOPs) to provide employees with required guidelines to ensure that e-mail security requirements are achieved while utilizing information system (IS) resources.[7] Hence, understanding the socio-technical antecedents to employees’ compliance with the organization’s e-mail security policy and requirements is deterministic.