|
|
Psychology of Phishing Attacks During Crises: The Case of Covid-19 Pandemic
Kaliňák, Viliam ; Erkomashvili, David (advisor) ; Špelda, Petr (referee)
Events and circumstances that accompany crises such as losses of loved ones, losses of material resources, dislocation, or physical harm, have an overall negative impact on people's mental health. It is this impaired state of man which makes him vulnerable to manipulation of social engineers who wants to take advantage of him in order to enrich themselves. This was also the case of the COVID-19 pandemic, the unprecedented crisis in modern history, during which phishing and fraud campaigns rapidly increased as people have been forced to stay safe at home and spent most of a day online. This work analyzes the psychological strategies of cybercriminals on a sample of more than 200 phishing e-mails in order to understand how the situation was abused and what can be learnt to prevent it in the future. It also provides theoretical and research frameworks for researchers who can apply it also on other types of crises. The results contribute to the fields of psychology, cybercrime as well as crisis management. Keywords COVID-19, phishing, social engineering, psychology, persuasion, crises, pandemic, impersonation, pretexting
|
|
| |
|
|
Ochrana před sociálním inženýrstvím
Vrbasová, Lenka
This bachelor's thesis focuses on the issue of social engineering and defense against it. Social engineering attacks present significant threat for common citizens and organizations. The Thesis is divided to five main topics. There is social engineering definition, methods, attacks in the Czech Republic, user protection and bank protection. The last section of this thesis is based on strategic analysis of micro enviroment and macro-enviroment.
|
|
| |
|
|
Phishing Detection in Web Pages
Beňo, Marek ; Hrivňák, Ján (referee) ; Holkovič, Martin (advisor)
This work deals with the design of a phishing attack detection and classification tool. The work describes techniques and forms of phishing attacks and availible tools and techniques for phishing detection. Based on the analysis of existing tools a solution for file classification is proposed. Implemented tool handles input parsing and creation of input model. Model is based on hybrid analysis of input file and URL. Using the YARA tool, YARA rules are applied which are then used in creation of input classification. Analysis of input model and definition of classification rules is enabled by implemented YARA module. Implemented solution makes it possible to define YARA rules for phishing classification based on the structural properties of a phishing file and features of source URL.
|
|
|
Security risks of social networks and their prevention
Nguyen, Sao Linh ; Koch, Miloš (referee) ; Sedlák, Petr (advisor)
This diploma thesis deals with the issue of security risks and threats of social networks. The work includes basic information about the most popular online social networks such as Facebook, Twitter and Instagram. The work analyzes the development and use of the above mentioned networks. In addition, there are the risks and dangers of communicating on social networks and recommendations for safe use.
|
|
|
Analýza způsobů informační bezpečnosti pro uživatele internetu
Vladimirova, Ekaterina ; Luc, Ladislav (advisor) ; Novotný, Jakub (referee)
This thesis is devoted to the information security risk analysis methods for Internet users. Its main objectives include familiarizing Internet users with the types of Internet security threats, analyzing the most prominent anti-virus software, giving instructions for installing a Windows firewall, and providing recommendations on information security. The theoretical part describes the main and most popular services offered on the Internet, as well as the history and development of the Internet. Other chapters focus on information security and describe the types of malware threats that might be encountered on the Internet. In the conclusion of the theoretical part the means of protection against cybercrime, i.e. anti-virus programs and firewalls are characterized. The practical part consists of three parts. The first part is devoted to the evaluation of seven popular antivirus programs with their own firewall in accordance with the selected criteria. The second part gives instructions on how to configure Windows 8 Firewall. Finally, recommendations for Internet users are provided, which must be observed for their own safety.
|
|
|
Phishing and other risks of public Wi-Fi networks
Mäsiar, Daniel ; Luc, Ladislav (advisor) ; Sedláček, Jiří (referee)
This bachelor's thesis deals with problematics of public wireless networks, with focus on tho-se operating in densely populated areas such as public transport, libraries or fast-food restau-rants. The goal of this thesis is to evaluate how users of public Wi-Fi networks behave, what their customs are and how high is their awareness about possible threats. In the intro of the theoretical part of this paper, main standards and norms are listed, essential terms are defined and various types of possible wireless attacks are presented as well as briefly described. Further, this thesis inspects possible ways of protection against these attacks and finally, term phishing is concisely defined. The empirical part is dedicated to creating of a suitable tool for gathering statistical data about awareness of users at public places. Further, this tool is used in combination with phishing methodics for the actual statistical research. The whole process will follow the rules and laws defined by The Office for Personal Data in Czech Republic.
|
|
|
The pitfalls of social engineering, prevention and protection
Rytychová, Jana ; Hejda, Jan (advisor) ; Syrovátka, Oldřich (referee)
This bachelor thesis deals with the issue of social engineering, especially from the point of view of threats, which is present for society today. In addition to clarifying the concept itself, the aim of the thesis is to familiarize itself with the most common tools and methods of social engineering, with respect to expansion of information technologies, which is a golden age for the given branch. The output of this thesis is a general manual for the manager. It will form the cornerstone of information security settings and will be an imaginary counterbalance to identified threats and also as a possible tool for employee training.
|
|
|
Phishing in the gaming industry
Nguyen Van, Thanh ; Luc, Ladislav (advisor) ; Veber, Jaromír (referee)
This bachelor thesis deals with a currently major issue of cyber security, which is phishing. The study is also specific in that it is focused on the gaming industry, which is subjected to a detailed analysis. The first goal of thesis is to acquaint the reader with problems of security risks of phishing in general and in game related fields. To achieve this goal, in the introduction of the theoretical part of the work, the general problem of phishing with a view on historical development and expansion is presented. Furthermore is described topic of gaming industry, its trends of videogames and security risks of online trading. The second goal is to give future and existing Steam users an overview of common phish-ing attacks and countermeasures. To achieve this goal, in the analytical part of the work, a specific gaming platform in online trading and distribution of game is selected, Steam from Valve. In the practical part of the work, eight selected phishing attacks are conducted to brief analysis and completed into a final evaluation and countermesures of all attacks.
|
guest ::
