Agreed terms and conditions name style
Mazephishing: The COVID-19 pandemic as credible social context for social engineering attacks
The first months of the COVID-19 pandemic witnessed a surge of social engineering attacks. Although the pandemic is certainly not the first occurrence of socially disruptive circumstances that drive cybercriminals to action, relevant academic scholarship has remained scarce. To fill this gap in literature, and propose the analytical framework of mazephishing that places particular emphasis on the importance of credible social context in the functioning of the online scam ecosystem, we carried out a content analysis of (N=563) international news stories reporting on social engineering attacks. Our results indicate that criminals make heavy use of social context and impersonation to make scams seem more credible. Major themes used in the scam messages include health information, personal protective equipment, cures, financial relief and donations. Additionally, scammers diversify their use of mediums depending on the type of scam being perpetrated. Our analysis also shows a significant presence of principles of persuasion in the circulated scam attempts.
History
Declaration of conflicts of interest
No conflictCorresponding author email
kristjan.kikerpill@ut.eeLead author country
- Estonia
Lead author job role
- PhD Student
Lead author institution
University of TartuHuman Participants
- No