Social engineering and the disclosure of personal identifiable information: Examining the relationship and moderating factors using a population-based survey experiment

People tend to disclose personal identifiable information (PII) that could be used by cybercriminals against them. Often persuasion techniques are used by cybercriminals to trick people to disclose PII. This research investigates whether people can be made less susceptible to persuasion by reciprocation (i.e., making people feel obligated to...

Catching Phishers By Their Bait: Investigating the Dutch Phishing Landscape through Phishing Kit Detection

Off-the-shelf, easy-to-deploy phishing kits are believed to lower the threshold for criminal entrepreneurs going phishing. That is, the practice of harvesting user credentials by tricking victims into disclosing these on fraudulent websites. But, how do these kits impact the phishing landscape? And, how often are they used? We leverage the use...

Get Rich or Keep Tryin’ Trajectories in dark net market vendor careers

Dark net markets are a competitive environment. As these anonymous markets enable criminals to trade illicit goods or services, this causes vendors to operate under pseudonyms, rather than real-world identities. The constant battle between market admins and law enforcement makes the typical lifespan of a market two years. When a market...

Template Clustering for the Foundational Analysis of the Dark Web

The rapid rise of the Dark Web and supportive technologies has served as the backbone facilitating online illegal activity worldwide. These illegal activities supported by anonymisation technologies such as Tor has made it increasingly elusive to law enforcement agencies. Despite several successful law enforcement operations, illegal activity on...

Bitcoin money laundering: mixed results?: An explorative study on money laundering of cybercrime proceeds using bitcoin

Purpose: This paper aims to shed light into money laundering using bitcoin. Digital payment methods are increasingly used by criminals to launder money obtained through cybercrime. As many forms of cybercrime are motivated by profit, a solid cash-out strategy is required to ensure that crime proceeds end up with the criminals themselves without...

Discerning Novel Value Chains in Financial Malware: On the Economic Incentives and Criminal Business Models in Financial Malware Schemes

Fraud with online payment services is an ongoing problem, with significant financial-economic and societal impact. One of the main modus operandi is financial malware that compromises consumer and corporate devices, thereby potentially undermining the security of critical financial systems. Recent research into the underground economy has shown...

Anomaly detection for internet surveillance

Many threats in the real world can be related to activity of persons on the internet. Internet surveillance aims to predict and prevent attacks and to assist in finding suspects based on information from the web. However, the amount of data on the internet rapidly increases and it is time consuming to monitor many websites. In this paper, we...

Process Control Security: Go Dutch!

Second Dutch Process Control Security Event

Third Dutch Process Security Control Event

On June 4th, 2009, the third Dutch Process Control Security Event took place in Amsterdam. The event, organised by the Dutch National Infrastructure against Cybercrime (NICC), attracted both Dutch process control experts and members of the European SCADA and Control Systems Information Exchange (EuroSCSIE). A set of plenary sessions and parallel...

3rd Dutch Event on Process Control Security

The European Commission has started the Coordination Action Parsifal as well as another Specific Targeted Research Project for the critical financial infrastructure (CFI).

Process Control Security in het Informatieknooppunt Cybercrime NICC: Eén publiekprivate geïntegreerde aanpak. Eén sluitende nationale infrastructuur ter bestrijding van cybercrime.

Opsporing en vervolging van cybercrime? Heel belangrijk, maar niet dé oplossing voor het probleem. Voorkómen is beter! De sectoren die zijn aangesloten op het Informatieknooppunt Cybercrime hebben de (informatie)beveiliging van procescontrolesystemen (PCS), waaronder SCADA, als uitdaging opgepakt. Deze publicatie maakt duidelijk waarom het...

Information Assurance and the Information Society

Society is on the verge of a new era: the information age. Economical changes, a new way of looking at services and new types of conflict are forecasted. Some glimpses of these changes were noticed during the Persian Gulf War. Government decision units, organisations, society and critical industries become more and more inter-networked. They...