Phishing attacks are a common feature of online communications. They affect many actors, from individual victims to the corporate and government agencies whose brands are deceptively used. Responding to phishing is big business, driving software security markets, influencing eCommerce uptake and participation, and protecting corporate brand and image. Yet despite its insidious nature and the penetration of phishing throughout online communications, little is known about phishing attacks and the responses to them. This paper addresses this key knowledge gap by analyzing the tasks and mapping the social interactions of a phishing attack and its associated response. To achieve this, the research team adopted a multi-method approach to examining the underlying functions and interactions involved in a phishing attack and its response: deliberately ‘taking the phishing bait’, interviewing a sample of individuals who had unwittingly responded to phishing attacks, and engaging with organisations that took response measures to such events. This multi-actor engagement provided critical observations and content about the victim experience and about interactions with those responsible for the attacks. The research is highly novel in its application of Work Domain Analysis (WDA) to gain an understanding of the functional structure of phishing attacks and of the online transactional environment they target as a sociotechnical system. By examining the functional properties of interactions within the research context, the paper provides a unique perspective on phishing and on the inter-linkages and dependencies across multiple levels of abstraction, from the initial ‘baiting’ to the achievement of overall system objectives by cybercriminals.
The findings provide opportunities to enhance phishing prevention and detection methodologies, improve individual resilience to such attacks, and pave the way for future efforts in applying sociotechnical systems methods to the cybercrime environment.