Winning the phishing war: A strategy for Australia

Stephen McCombie; Josef Pieprzyk

doi:10.1109/CTC.2010.13

Winning the phishing war

A strategy for Australia

Stephen McCombie^*, Josef Pieprzyk

^*Corresponding author for this work

Research output: Chapter in Book/Report/Conference proceeding › Conference proceeding contribution

13 Citations (Scopus)

51 Downloads (Pure)

Abstract

Phishing, a form of on-line identity theft, is a major problem worldwide, accounting for more than $7.5 Billion in losses in the US alone between 2005 and 2008. Australia was the first country to be targeted by Internet bank phishing in 2003 and continues to have a significant problem in this area. The major cyber crime groups responsible for phishing are based in Eastern Europe. They operate with a large degree of freedom due to the inherent difficulties in cross border law enforcement and the current situation in Eastern Europe, particularly in Russia and the Ukraine. They employ highly sophisticated and efficient technical tools to compromise victims and subvert bank authentication systems. However because it is difficult for them to repatriate the fraudulently obtained funds directly they employ Internet money mules in Australia to transfer the money via Western Union or Moneygram. It is proposed a strategy, which firstly places more focus by Australian law enforcement upon transactions via Western Union and Moneygram to detect this money laundering, would significantly impact the success of the Phishing attack model. This combined with a technical monitoring of Trojan technology and education of potential Internet money mules to avoid being duped would provide a winning strategy for the war on phishing for Australia.

Original language	English
Title of host publication	Proceedings - 2nd Cybercrime and Trustworthy Computing Workshop, CTC 2010
Place of Publication	Piscataway, NJ
Publisher	Institute of Electrical and Electronics Engineers (IEEE)
Pages	79-86
Number of pages	8
ISBN (Print)	9780769541860
DOIs	https://doi.org/10.1109/CTC.2010.13
Publication status	Published - 2010
Event	2nd Cybercrime and Trustworthy Computing Workshop, CTC - 2010 - Ballarat, Australia Duration: 19 Jul 2010 → 20 Jul 2010

Other

Other	2nd Cybercrime and Trustworthy Computing Workshop, CTC - 2010
Country	Australia
City	Ballarat
Period	19/07/10 → 20/07/10

Bibliographical note

Copyright 2010 IEEE. Reprinted from Second Cybercrime and Trustworthy Computing Workshop : Ballarat, Victoria, Australia, 19-20 July 2010. This material is posted here with permission of the IEEE. Such permission of the IEEE does not in any way imply IEEE endorsement of any of Macquarie Universityâ€™s products or services. Internal or personal use of this material is permitted. However, permission to reprint/republish this material for advertising or promotional purposes or for creating new collective works for resale or redistribution must be obtained from the IEEE by writing to pubs-permissions@ieee.org. By choosing to view this document, you agree to all provisions of the copyright laws protecting it.

Access to Document

10.1109/CTC.2010.13

Publisher version (open access).pdfFinal published version, 1 MB

Link to publication in Scopus

Fingerprint Dive into the research topics of 'Winning the phishing war: A strategy for Australia'. Together they form a unique fingerprint.

Cite this

@inproceedings{5c5c93af67fc4d428953e4c3c3a27f65,

title = "Winning the phishing war: A strategy for Australia",

abstract = "Phishing, a form of on-line identity theft, is a major problem worldwide, accounting for more than $7.5 Billion in losses in the US alone between 2005 and 2008. Australia was the first country to be targeted by Internet bank phishing in 2003 and continues to have a significant problem in this area. The major cyber crime groups responsible for phishing are based in Eastern Europe. They operate with a large degree of freedom due to the inherent difficulties in cross border law enforcement and the current situation in Eastern Europe, particularly in Russia and the Ukraine. They employ highly sophisticated and efficient technical tools to compromise victims and subvert bank authentication systems. However because it is difficult for them to repatriate the fraudulently obtained funds directly they employ Internet money mules in Australia to transfer the money via Western Union or Moneygram. It is proposed a strategy, which firstly places more focus by Australian law enforcement upon transactions via Western Union and Moneygram to detect this money laundering, would significantly impact the success of the Phishing attack model. This combined with a technical monitoring of Trojan technology and education of potential Internet money mules to avoid being duped would provide a winning strategy for the war on phishing for Australia.",

author = "Stephen McCombie and Josef Pieprzyk",

note = "Copyright 2010 IEEE. Reprinted from Second Cybercrime and Trustworthy Computing Workshop : Ballarat, Victoria, Australia, 19-20 July 2010. This material is posted here with permission of the IEEE. Such permission of the IEEE does not in any way imply IEEE endorsement of any of Macquarie University{\^a}€™s products or services. Internal or personal use of this material is permitted. However, permission to reprint/republish this material for advertising or promotional purposes or for creating new collective works for resale or redistribution must be obtained from the IEEE by writing to pubs-permissions@ieee.org. By choosing to view this document, you agree to all provisions of the copyright laws protecting it.",

year = "2010",

doi = "10.1109/CTC.2010.13",

language = "English",

isbn = "9780769541860",

pages = "79--86",

booktitle = "Proceedings - 2nd Cybercrime and Trustworthy Computing Workshop, CTC 2010",

publisher = "Institute of Electrical and Electronics Engineers (IEEE)",

address = "United States",

}

McCombie, S & Pieprzyk, J 2010, Winning the phishing war: A strategy for Australia. in Proceedings - 2nd Cybercrime and Trustworthy Computing Workshop, CTC 2010., 5615076, Institute of Electrical and Electronics Engineers (IEEE), Piscataway, NJ, pp. 79-86, 2nd Cybercrime and Trustworthy Computing Workshop, CTC - 2010, Ballarat, Australia, 19/07/10. https://doi.org/10.1109/CTC.2010.13

TY - GEN

T1 - Winning the phishing war

T2 - A strategy for Australia

AU - McCombie, Stephen

AU - Pieprzyk, Josef

N1 - Copyright 2010 IEEE. Reprinted from Second Cybercrime and Trustworthy Computing Workshop : Ballarat, Victoria, Australia, 19-20 July 2010. This material is posted here with permission of the IEEE. Such permission of the IEEE does not in any way imply IEEE endorsement of any of Macquarie Universityâ€™s products or services. Internal or personal use of this material is permitted. However, permission to reprint/republish this material for advertising or promotional purposes or for creating new collective works for resale or redistribution must be obtained from the IEEE by writing to pubs-permissions@ieee.org. By choosing to view this document, you agree to all provisions of the copyright laws protecting it.

PY - 2010

Y1 - 2010

N2 - Phishing, a form of on-line identity theft, is a major problem worldwide, accounting for more than $7.5 Billion in losses in the US alone between 2005 and 2008. Australia was the first country to be targeted by Internet bank phishing in 2003 and continues to have a significant problem in this area. The major cyber crime groups responsible for phishing are based in Eastern Europe. They operate with a large degree of freedom due to the inherent difficulties in cross border law enforcement and the current situation in Eastern Europe, particularly in Russia and the Ukraine. They employ highly sophisticated and efficient technical tools to compromise victims and subvert bank authentication systems. However because it is difficult for them to repatriate the fraudulently obtained funds directly they employ Internet money mules in Australia to transfer the money via Western Union or Moneygram. It is proposed a strategy, which firstly places more focus by Australian law enforcement upon transactions via Western Union and Moneygram to detect this money laundering, would significantly impact the success of the Phishing attack model. This combined with a technical monitoring of Trojan technology and education of potential Internet money mules to avoid being duped would provide a winning strategy for the war on phishing for Australia.

AB - Phishing, a form of on-line identity theft, is a major problem worldwide, accounting for more than $7.5 Billion in losses in the US alone between 2005 and 2008. Australia was the first country to be targeted by Internet bank phishing in 2003 and continues to have a significant problem in this area. The major cyber crime groups responsible for phishing are based in Eastern Europe. They operate with a large degree of freedom due to the inherent difficulties in cross border law enforcement and the current situation in Eastern Europe, particularly in Russia and the Ukraine. They employ highly sophisticated and efficient technical tools to compromise victims and subvert bank authentication systems. However because it is difficult for them to repatriate the fraudulently obtained funds directly they employ Internet money mules in Australia to transfer the money via Western Union or Moneygram. It is proposed a strategy, which firstly places more focus by Australian law enforcement upon transactions via Western Union and Moneygram to detect this money laundering, would significantly impact the success of the Phishing attack model. This combined with a technical monitoring of Trojan technology and education of potential Internet money mules to avoid being duped would provide a winning strategy for the war on phishing for Australia.

UR - http://www.scopus.com/inward/record.url?scp=78649836899&partnerID=8YFLogxK

U2 - 10.1109/CTC.2010.13

DO - 10.1109/CTC.2010.13

M3 - Conference proceeding contribution

SN - 9780769541860

SP - 79

EP - 86

BT - Proceedings - 2nd Cybercrime and Trustworthy Computing Workshop, CTC 2010

PB - Institute of Electrical and Electronics Engineers (IEEE)

CY - Piscataway, NJ

ER -