The Threat of Political Phishing
نویسندگان
چکیده
Internet based donations to political candidates are now a vital part of any successful campaign. Tens of millions of dollars are raised each year, primarily in sub one-hundred dollar amounts from individuals around the country. Politicians have exempted their own campaign donation solicitation emails from federal anti-spam legislation, and their campaigns encourage risky behavior by teaching users that it is ok to click the “donate” button on an unsolicited email that arrives from a candidate. While not yet a major problem, fraudulent websites that masquerade as genuine campaign sites aiming to defraud donors are a significant threat on the not-so-distant horizon. These political phishing sites are easy to create, and extremely difficult for users to detect as not authentic. This paper will discuss threats against online campaign donation systems, and discuss the unique factors which make this type of online commerce particularly vulnerable to fraud based attacks. Finally, we propose a realistic and cost-effective solution to the problem. 1 The Importance of Online Campaign Donations Over the past few years, online campaign donations have increasingly become a significant portion of the overall campaign fundraising process. Hillary Clinton’s presidential campaign raised over eight million dollars online during the third quarter of 2007, more than one year before the 2008 presidential election [23]. During the 2004 election, John Kerry set the single-day online campaign donation record, raising over three million dollars on June 3
منابع مشابه
A Phishing Model and Its Applications to Evaluating Phishing Attacks
Phishing is a growing threat to Internet users and causes billions of dollars in damage every year. In this paper, we present a theoretical yet practical model to study this threat in a formal manner. While it is folklore knowledge that a successful phishing attack entails creating messages that are indistinguishable from the natural, expected messages by the intended victim, this concept has n...
متن کاملPoster: User-Centric Phishing Threat Detection
This paper presents a context-aware phishing threat detection model from users’ behavioral perspectives. The context of users’ information accesses is investigated to explore the users’ browsing behaviors that confront phishing situations. Large-scale experiments show that our approach achieves an accuracy of 0.9973 and an F1 score of 0.9311 for predicting the phishing threats of users’ next ac...
متن کاملPhishing threat avoidance behaviour: An empirical investigation
Phishing is an online identity theft that aims to steal sensitive information such as username, password and online banking details from its victims. Phishing education needs to be considered as a means to combat this threat. This paper reports on a design and development of a mobile game prototype as an educational tool helping computer users to protect themselves against phishing attacks. The...
متن کاملPhishing - A Growing Threat to E-Commerce
In today’s business environment, it is difficult to imagine a workplace without access to the web, yet a variety of email born viruses, spyware, adware, Trojan horses, phishing attacks, directory harvest attacks, DoS attacks, and other threats combine to attack businesses and customers. This paper is an attempt to review phishing – a constantly growing and evolving threat to Internet based comm...
متن کاملUnintentional Insider Threats: A Review of Phishing and Malware Incidents by Economic Sector
The research documented in this paper seeks to advance the understanding of the unintentional insider threat (UIT) that results from phishing and other social engineering cases, specifically those involving malicious software (malware). The research team collected and analyzed publicly reported phishing cases and performed an initial analysis of the industry sectors impacted by this type of inc...
متن کامل