We need Phishing Awareness Tools to train employees because existing anti-phishing filters are not 100% capable of detecting phishing attacks, especially zero-day attacks. Current awareness tools can make phishing campaigns targeting the employees, but they contain an only limited number of predefined email templates. In this work, we designed a framework and built a tool generating new phishing emails automatically from a graph database perspective. Then, we conducted a three-round experiment. We sent the automatically-generated emails to some uninformed members of our community. On average, 72.85% of victims opened the emails, the click-through rate was 54.05% among who opened the emails, and all recipients who completed the survey stated that the content of emails was meaningful. In this experiment, we also showed which parts of the email are more luring and what the result might be if emails are carefully-crafted or from a person of authority.
CITATION STYLE
Maleki, N., & Ghorbani, A. A. (2019). Generating Phishing Emails Using Graph Database. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 11879 LNCS, pp. 434–449). Springer. https://doi.org/10.1007/978-3-030-34339-2_25
Mendeley helps you to discover research relevant for your work.