The discussion-board site 4chan has been part of the Internet's dark underbelly since its inception, and recent political events have put it increasingly in spotlight. In particular, /pol/, “Politically Incorrect'” board, a central figure outlandish 2016 US election season, as often linked to alt-right movement rhetoric hate racism. However, remains relatively unstudied by scientific community: little is known about user base, content generates, how affects other parts Web. this paper, we...

Cybercriminals steal access credentials to webmail accounts and then misuse them for their own profit, release publicly, or sell on the underground market. Despite importance of this problem, research community still lacks a comprehensive understanding what these stolen are used for. In paper, we aim shed light modus operandi miscreants accessing Gmail accounts. We developed an infrastructure that is able monitor activity performed by users accounts, leaked 100 under our control through...

Abstract Social media platforms often assume that users can self-correct against misinformation. However, social are not equally susceptible to all misinformation as their biases influence what types of might thrive and who be at risk. We call “diverse misinformation” the complex relationships between human demographics represented in To investigate how users’ impact susceptibility ability correct each other, we analyze classification deepfakes a type diverse chose case study for three...

Underground online forums are platforms that enable trades of illicit services and stolen goods. Carding forums, in particular, known for being focused on trading financial information. However, little evidence exists about the sellers present active carding precise types products they advertise, prices buyers pay. Existing literature focuses mainly organisation structure forums. Furthermore, studies usually based review, expert interviews, or data from have already been shut down. This...

Users on Twitter are commonly identified by their profile names. These names used when directly addressing users Twitter, part of page URLs, and can become a trademark for popular accounts, with people referring to celebrities real name name, interchangeably. however, has chosen not permanently link corresponding user accounts. In fact, allows change afterwards makes the old available other take.

The world has seen a dramatic increase in cybercrime, both the Surface Web, which is portion of content on World Wide Web that may be indexed by popular engines, and lately Dark not conventional search engines accessed through network overlays such as Tor network. For instance, theft online service credentials an emerging problem, especially where average price for someone's identity £820. Previous research studied modus operandi criminals obtain stolen account outlets. As part effort to...

The discussion-board site 4chan has been part of the Internet's dark underbelly since its inception, and recent political events have put it increasingly in spotlight. In particular, /pol/, "Politically Incorrect" board, a central figure outlandish 2016 US election season, as often linked to alt-right movement rhetoric hate racism. However, remains relatively unstudied by scientific community: little is known about user base, content generates, how affects other parts Web. this paper, we...

Personal data are not discrete in socially-networked digital environments. A user who consents to allow access their profile can expose the personal of network connections non-consented access. Therefore, traditional consent model (informed and individual) is appropriate social networks where informed may be possible for all users affected by processing information distributed across users. Here, we outline adequacy transactions. Informed shortcomings individual consent, introduce both a...

Cloud-based documents are inherently valuable, due to the volume and nature of sensitive personal business content stored in them. Despite importance such Internet users, there still large gaps understanding what cybercriminals do when they illicitly get access them by for example compromising account credentials associated with. In this paper, we present a system able monitor user activity on Google spreadsheets. We populated 5 spreadsheets with fake bank details funds transfer links. Each...

Twitter allows their users to change profile name at discretion. Unfortunately, this design decision can be used by attackers effortlessly hijack user names of popular accounts. We call practice squatting. In paper, we investigate squatting phenomenon, and show how mount impersonation attacks attract a larger number victims potentially malicious content. observe that are already performing attack on measure its prevalence. provide insights into the characteristics such users, argue these...

Most of cyberscam-related studies focus on threats perpetrated against the Western society, with a particular attention to USA and Europe. Regrettably, no research has been done scams targeting African countries, especially Nigeria, where notorious (in)famous 419 advanced-fee scam, targeted towards other originated. How- ever, as we know, cybercrime is global problem affecting all parties. In this study, investigate form advance fee fraud scam unique Nigeria at Nigerians, but unknown world....

Users on Twitter are commonly identified by their profile names. These names used when directly addressing users Twitter, part of page URLs, and can become a trademark for popular accounts, with people referring to celebrities real name name, interchangeably. however, has chosen not permanently link corresponding user accounts. In fact, allows change afterwards makes the old available other take. this paper, we provide large-scale study phenomenon reuse Twitter. We show that is uncommon,...

This work uses statistical classification techniques to learn about the different network behavior patterns demonstrated by targeted malware and generic malware. Targeted is a recent type of threat, involving bespoke software that has been created target specific victim. It considered more dangerous threat than malware, because attack can cause serious damage Our aims automatically distinguish between activity generated two types which then allows samples be classified as being either or...

Social media platforms often assume that users can self-correct against misinformation. However, social are not equally susceptible to all misinformation as their biases influence what types of might thrive and who be at risk. We call "diverse misinformation" the complex relationships between human demographics represented in To investigate how users' impact susceptibility ability correct each other, we analyze classification deepfakes a type diverse chose case study for three reasons: 1) is...

Abstract A conspiracy theory (CT) suggests covert groups or powerful individuals secretly manipulate events. Not knowing about existing theories could make one more likely to believe them, so this work aims compile a list of CTs shaped as tree that is comprehensive possible. We began with manually curated ‘tree’ from academic papers and Wikipedia. Next, we examined 1769 CT-related articles four fact-checking websites, focusing on their core content, used technique called Keyphrase Extraction...

We set out to understand the effects of differing language on ability cybercriminals navigate webmail accounts and locate sensitive information in them. To this end, we configured thirty Gmail honeypot with English, Romanian, Greek settings. populated email messages those languages by subscribing them selected online newsletters. hid about fake bank fifteen mimic real-world users that sometimes store their accounts. then leaked credentials honey via paste sites Surface Web Dark Web,...

We set out to understand the effects of differing language on ability cybercriminals navigate webmail accounts and locate sensitive information in them. To this end, we configured thirty Gmail honeypot with English, Romanian, Greek settings. populated email messages those languages by subscribing them selected online newsletters. also hid about fake bank fifteen mimic real-world users that sometimes store their accounts. then leaked credentials honey via paste sites Surface Web Dark Web,...

As of 2014, a fifth EU citizens relied on cloud accounts to store their documents according Eurostat report. Although useful, there are downsides the use documents. They often accumulate sensitive information over time, including financial information. This makes them attractive targets cybercriminals. To understand what happens compromised that contain information, we set up 100 fake payroll sheets comprising 1000 records fictional individuals. We populated with traditional bank payment...