Platon Kotzias (Norton Research Group, BforeAI), Michalis Pachilakis (Norton Research Group, Computer Science Department University of Crete), Javier Aldana Iuit (Norton Research Group), Juan Caballero (IMDEA Software Institute), Iskander Sanchez-Rola (Norton Research Group), Leyla Bilge (Norton Research Group)

Online scams have become a top threat for Internet users, inflicting $10 billion in losses in 2023 only in the US. Prior work has studied specific scam types, but no work has compared different scam types. In this work, we perform what we believe is the first study of the exposure of end users to different types of online scams. We examine seven popular scam types: shopping, financial, cryptocurrency, gambling, dating, funds recovery, and employment scams. To quantify end-user exposure, we search for observations of 607K scam domains over a period of several months by millions of desktop and mobile devices belonging to customers of a large cybersecurity vendor. We classify the scam domains into the seven scam types and measure for each scam type the exposure of end users, geographical variations, scam domain lifetime, and the promotion of scam websites through online advertisements.

We examine 25.1M IP addresses accessing over 414K scam domains. On a daily basis, 149K devices are exposed to online scams, with an average of 101K (0.8%) of desktop devices being exposed compared to 48K (0.3%) of mobile devices. Shopping scams are the most prevalent scam type, being observed by a total of 10.2M IPs, followed by cryptocurrency scams, observed by 653K IPs. After being observed in the telemetry, the scam domains remain alive for a median of 11 days. In at least 9.2M (13.3%) of all scam observations users followed an advertisement. These ads are largely (59%) hosted on social media, with Facebook being the preferred source.

View More Papers

Decoupling Permission Management from Cryptography for Privacy-Preserving Systems

Ruben De Smet (Department of Engineering Technology (INDI), Department of Electronics and Informatics (ETRO), Vrije Universiteit Brussel), Tom Godden (Department of Engineering Technology (INDI), Vrije Universiteit Brussel), Kris Steenhaut (Department of Engineering Technology (INDI), Department of Electronics and Informatics (ETRO), Vrije Universiteit Brussel), An Braeken (Department of Engineering Technology (INDI), Vrije Universiteit Brussel)

Read More

TME-Box: Scalable In-Process Isolation through Intel TME-MK Memory Encryption

Martin Unterguggenberger (Graz University of Technology), Lukas Lamster (Graz University of Technology), David Schrammel (Graz University of Technology), Martin Schwarzl (Cloudflare, Inc.), Stefan Mangard (Graz University of Technology)

Read More

EMIRIS: Eavesdropping on Iris Information via Electromagnetic Side Channel

Wenhao Li (Shandong University), Jiahao Wang (Shandong University), Guoming Zhang (Shandong University), Yanni Yang (Shandong University), Riccardo Spolaor (Shandong University), Xiuzhen Cheng (Shandong University), Pengfei Hu (Shandong University)

Read More

Inspecting Compiler Optimizations on Mixed Boolean Arithmetic Obfuscation

Rachael Little, Dongpeng Xu (University of New Hampshire)

Read More