Microtargeting or Microphishing? Phishing Unveiled

Abstract

Online advertisements delivered via social media platforms function in a similar way to phishing emails. In recent years there has been a growing awareness that political advertisements are being microtargeted and tailored to specific demographics, which is analogous to many social engineering attacks. This has led to calls for total bans on this kind of focused political advertising. Additionally, there is evidence that phishing may be entering a more developed phase using software known as Phishing as a Service to collect information on phishing or social engineering, potentially facilitating microphishing campaigns. To help understand such campaigns, a set of well-defined metrics can be borrowed from the field of digital marketing, providing novel insights which inform phishing email analysis. Our work examines in what ways digital marketing is analogous to phishing and how digital marketing metric techniques can be used to complement existing phishing email analysis. We analyse phishing email datasets collected by the University of Houston in comparison with Corporate junk email and microtargeting Facebook Ad Library datasets, thus comparing these approaches and their results using Weka, URL mismatch and visual metrics analysis. Our evaluation of the results demonstrates that phishing emails can be joined up in unexpected ways which are not revealed using traditional phishing filters. However such microphishing may have the potential to gather, store and analyse social engineering information to be used against a target at a later date in a similar way to microtargeting.