University of Houston technologists have been considering why, in another wave of ransomware and malware scams, computer systems are so vulnerable and how it is that the main vector for such attacks is email. For the analysis, the researchers took an unusual step: they studied those emails from Hillary Clinton and Sarah Palin that were in the public domain.
Taking these messages, the researchers studied the characteristics of phishing emails and traits of the email. This was to try and model the factors that seemingly contribute to successful cyberattacks. For this, the academics drew on linguistics, calling upon natural language generation software (which analyses human language patterns) in order to create fake phishing emails from real emails.
There was a reason for this approach since is replicates a common tactic used by hackers when running so-termed “masquerade attacks.” A masquerade is a type of cyberattack where the attacker pretends to be an authorized user of a system in order to gain access to it or to gain greater privileges than they are authorized for.
To create their fake emails, the researchers put into their messages particular signals like fake names, repetitive sentences and the “incoherent flow” of everyday speech. They then asked volunteers to attempt to differentiate fake emails from a set of real emails, drawn from the Clinton and Palin set. The outcome of the study was that study group could not detect the real emails with any degree of confidence, with only getting one in every two emails correct (as either ‘fake’ or ‘real’).
The implications are that IT systems need to become more sophisticated and it is perhaps only through the development of artificial intelligence that a computer can hope to detect fake emails and block these from reaching the intended recipient. The researchers recently presented their findings to the ACM Asia Conference on Computer and Communications Security.
