Im Verfahren um die Veröffentlichung von privaten Promifotos hat sich der Verdächtige des Phishings schuldig bekannt. Doch mit der Veröffentlichung der Bilder will der Mann
Kriminelle wollen so an die Kontoinformationen der Empfänger gelangen. Offenbar verfügen sie über einen anderswo entwendeten Adressbestand. Die Nachrichten weisen auf ein angebliches Problem bei einem Online-Einkauf hin. Ein Link zur Stornierung der Transkation führt zu einer Phishing-Seite.
We investigate the statistical filtering
of phishing emails, where a classifier is
trained on characteristic features of existing
emails and subsequently is able to identify
new phishing emails with different contents.
We propose advanced email features generated
by adaptively trained Dynamic Markov
Chains and by novel latent Class-Topic Models.
On a publicly available test corpus classifiers
using these features are able to reduce
the number of misclassified emails by two
thirds compared to previous work. Using a
recently proposed more expressive evaluation
method we show that these results are statistically
significant. In addition we successfully
tested our approach on a non-public email
corpus with a real-life composition.
We have developed a systems that enables
the detection of certain common salting
tricks that are employed by criminals. Salting
is the intentional addition or distortion of
content. In this paper we describe a framework
to identify email messages that might
contain new, previously unseen tricks. To
this end, we compare the simulated perceived
email message text generated by our hidden
salting simulation system to the OCRed
text we obtain from the rendered email message.
We present robust text comparison
techniques and train a classifier based on the
differences of these two texts. In simulations
we show that we can detect suspicious emails
with a high level of accuracy.
In this paper, we present recent research on internet
threats aiming at fraud or hampering critical information infrastructure. One approach concentrates on the
rapid detection of phishing email, designed to make it next impossible for attackers to obtain financial
resources or commit identity theft in this way. Then we address how another type of internet fraud, the
violation of the rights of trademark owners by faked merchandise, can be semi-automatically solved with
text mining methods. Thirdly, we report on two projects that are designed to prevent fraud in business
processes in public administrations, namely in the healthcare sector and in customs administrations. Finally,
we focus on the issue of critical infrastructures, and describe our approach towards protecting them using a
specific middleware architecture.