Targeted Attacks: Redefining Spear Phishing and Business Email Compromise
Sarah Wassermann, Maxime Meyer, Sébastien Goutal, Damien Riquet

TL;DR
This paper redefines targeted email attacks like spear phishing and Business Email Compromise, introduces detection techniques, and compares targeted versus non-targeted variants to improve cybersecurity defenses.
Contribution
It provides a clear definition of targeted attacks, details social-engineering methods, and presents new detection techniques for malicious email payloads.
Findings
Targeted attacks are distinct from non-targeted email threats.
Text-based attacks with malicious payloads are identified and analyzed.
Detection techniques for targeted email threats are proposed and evaluated.
Abstract
In today's digital world, cybercrime is responsible for significant damage to organizations, including financial losses, operational disruptions, or intellectual property theft. Cyberattacks often start with an email, the major means of corporate communication. Some rare, severely damaging email threats - known as spear phishing or Business Email Compromise - have emerged. However, the literature disagrees on their definition, impeding security vendors and researchers from mitigating targeted attacks. Therefore, we introduce targeted attacks. We describe targeted-attack-detection techniques as well as social-engineering methods used by fraudsters. Additionally, we present text-based attacks - with textual content as malicious payload - and compare non-targeted and targeted variants.
Taxonomy
Topics: Spam and Phishing Detection · Advanced Malware Detection Techniques · Cybercrime and Law Enforcement Studies
