Security Research About Phishing
During the recent pandemic and the unprecedented changes in the way the world operates, there is an increase in email use (app. 20% increase in opening rates) that correspondingly increases the risk of a cyberattack.
Τhe team of Systems Security Laboratory (SSL) of the University of Piraeus, among other security-related projects, is working on the phishing detection field to identify efficient ways exploiting the advancement of AI to detect, flag, and block phishing emails.
It has been reported that phishing email attacks involving the COVID-19 as lure increased by 667% between the period of February 2020 and March 2020. Moreover, the ENISA Threat Landscape 2020 marks phishing attacks as one of the most critical cyber threats of 2020. These recent events indicate that phishing attacks are still a crucial threat and further research activities should be conducted to curve that threat. A serious limitation of phishing email in the detection research field is that there is a clear lack of publicly available phishing email datasets and that almost 70% of the papers used old datasets.
The limited phishing email data that are currently available are not sufficient to continue our research. Thus, we are working on the creation of a new phishing email dataset that will be comprised of the latest phishing email trends.
The results of our research as well as the dataset, once ready, will be free and shared with all our community and the greater public. Should any contributor wishes and/or allows it, a special acknowledgment will be given.
To create this dataset, we will need your invaluable help.
To that extent, we kindly ask you to contribute to our effort by gathering and sharing with us any phishing emails that you or your organization has received lately (up to the last four years).
Sharing can be in any way convenient to you, e.g.
- By sending us at (email@example.com),
single or even multiple attached emails
- By uploading related emails in our cloud space here
- Any other way you wish to
Our gathering of such data has a limited time span until February 28th, 2021. After that time, we will further process and evaluate the received data to begin our next round of testing.
Finally, it is important to mention that before sharing the phishing emails we advise, should you wish, exclude all sensitive information and anonymize them. From our part, we will ensure anonymity to any received data by deploying the k-anonymity technique.