Phishing schemes - typology and analysis in Serbian cyber space

Abstract

Purpose: The purpose of this paper is to identify and describe various factors for understanding criminal behaviour involved in phishing and to provide advice in the areas of security, criminal procedure, and victimology. Design/methodology/approach: The project combined several qualitative and quantitative techniques such as interviews and surveys, as well as content analysis. Findings: Several categories of subjects were identified: those who are aware of some scientific achievements in this field and who feel increasingly apprehensive about the disclosure of private information; those who are not prepared to readily incorporate scientific progress in similar fields; the third category includes staff members who do not embrace all new measures in the fight against this type of cybercrime. The participants could also be categorized on the basis of their inclination to recognize new forms and types of phishing: some are aware of new forms and can recognize them as soon as they emerge locally; others cannot do so. Research limitations/implications: To allow findings to be generalized, future research should include measures that could specify additional means to be used by members of a wider representative group, such as tools, materials, educational and course modules, implemented during training. Practical implications: This research represents a useful source of information for method implication in combating phishing schemes, and for detecting new emerging forms and types of cybercrime promptly, as well as new social engineering methods to facilitate it. Originality/value: This paper should be of particular interest to forensic specialists, in the analysis of crime scene behaviour and of methods phishers use in luring their victims.