Daan Vansteenhuyse (DistriNet, KU Leuven), Hadji Musaev (DistriNet, KU Leuven), Lieven Desmet (DistriNet, KU Leuven)

Cybercriminals increasingly exploit the web, targeting millions of users and causing substantial financial losses. To combat these online scams, industry and academia have created databases consisting of malicious websites. By analyzing its properties, various detection mechanisms have been proposed to automatically identify fraudulent activity on the web. Although proven useful, these databases are curated, focus on the global perspective and lack insights of benign websites perceived as malicious by users. In this paper, we analyze user-reported scams from an anti-scam initiative, deployed in a European country, using topic modeling to uncover regional trends and user perceptions. Our findings inform the design of localized anti-cybercrime datasets and detection strategies.

Based on an initial manual analysis, we find most reported malicious activity takes place in the form of dating scams while a main portion of the dataset contains benign newsletters indicating the varying accuracy of user reports. Using BERTopic to extend the manual analysis, we show how it can be used to study the evolution of campaigns over time. We combine our insights into advice that can be used by anti-cybercrime organizations to set up similar datasets and describe how tools, such as topic modeling, can further aid both industry partners, to harden their anti-phishing defenses, and research institutions, to better study regional and psychological aspects associated with online fraud.

View More Papers

ropbot: Reimaging Code Reuse Attack Synthesis

Kyle Zeng (Arizona State University), Moritz Schloegel (CISPA Helmholtz Center for Information Security), Christopher Salls (UC Santa Barbara), Adam Doupé (Arizona State University), Ruoyu Wang (Arizona State University), Yan Shoshitaishvili (Arizona State University), Tiffany Bao (Arizona State University)

Read More

SACK: Systematic Generation of Function Substitution Attacks Against Control-Flow...

Zhechang Zhang (The Pennsylvania State University), Hengkai Ye (The Pennsylvania State University), Song Liu (University of Delaware), Hong Hu (The Pennsylvania State University)

Read More

An LLM-Driven Fuzzing Framework for Detecting Logic Instruction Bugs...

Jiaxing Cheng (Institute of Information Engineering, CAS; SCS, UCAS Beijing, China), Ming Zhou (SCS, Nanjing University of Science and Technology Nanjing, Jiangsu, China), Haining Wang (ECE Virginia Tech Arlington, VA, USA), Xin Chen (Institute of Information Engineering, CAS; SCS, UCAS Beijing, China), Yuncheng Wang (Institute of Information Engineering CAS; SCS, UCAS Beijing, China), Yibo Qu…

Read More