Advance
Preprints are early versions of research articles that have not been peer reviewed. They should not be regarded as conclusive and should not be reported in news media as established information.
mazephishing manuscript final.docx (63.55 kB)

Mazephishing: The COVID-19 pandemic as credible social context for social engineering attacks

Download (63.55 kB)
preprint
posted on 18.05.2021, 16:21 by Kristjan KikerpillKristjan Kikerpill, Andra Siibak

The first months of the COVID-19 pandemic witnessed a surge of social engineering attacks. Although the pandemic is certainly not the first occurrence of socially disruptive circumstances that drive cybercriminals to action, relevant academic scholarship has remained scarce. To fill this gap in literature, and propose the analytical framework of mazephishing that places particular emphasis on the importance of credible social context in the functioning of the online scam ecosystem, we carried out a content analysis of (N=563) international news stories reporting on social engineering attacks. Our results indicate that criminals make heavy use of social context and impersonation to make scams seem more credible. Major themes used in the scam messages include health information, personal protective equipment, cures, financial relief and donations. Additionally, scammers diversify their use of mediums depending on the type of scam being perpetrated. Our analysis also shows a significant presence of principles of persuasion in the circulated scam attempts.

History

Declaration of conflicts of interest

No conflict

Corresponding author email

kristjan.kikerpill@ut.ee

Lead author country

Estonia

Lead author job role

PhD Student

Lead author institution

University of Tartu

Human Participants

No

Comments

Log in to write your comment here...