Abstract
M.Com. (Information Technology Management)
Email users who select to receive email communication through mailing-lists subscription may become a target of spear phishing attacks, resulting in major data breaches. The prospect of spear phishing exploitation of compromised mailing-lists is a threat to Information System security for organizations and individual subscribers. Using a qualitative research study, this dissertation explores the prospect of spear phishing attacks on mailing-lists communication channels. Research methods applying the Grounded Theory technique were employed to analyse empirical data collected in the form of interviews, participants’ observations and data-logs. The collection of data-logs is described by creating and implementing fake email accounts (honeytokens), and using the fake accounts to subscribe to live mailing-lists as a way of eliciting data-logs and analysing threats within them. Research study infers Sensitising Concepts from the Technology Threat Avoidance Theory (TTAT) to help refine the understanding of spear phishing attacks in the context of compromised mailing-lists. Inductive reasoning was used to observe patterns within the data and to draw general conclusions regarding it. To complement the application of multi-source data collection research, Triangulation Data Analysis was applied to the combined data-sets and to arrive at one set of findings.
The research findings describe the existence of unexplored and largely unrecognised spear phishing threats (referred to as Mailing-Lists-Spear-Phishing threats in this dissertation) that may be targeted at specific mailing-lists subscribers. The research further shows that the threats posed by mailing-lists-spear-phishing’s unique method of attack and its subsequent security implications are not widely known by most mailing-list subscribers. While data analysis yielded the insight that these threats and attacks are not as prevalent as the researcher initially expected, the risk of exploitation remain a real serious threats to Information Systems security.
This dissertation proposes a framework that uses the application of honeytokens as a potential detection and protection mechanism to mitigate against spear phishing exploitation of mailing-list communication channels. The study successfully demonstrated and tested a honeytoken framework implementation towards this purpose. The final recommendation is that honeytoken implementation could be used to complement, rather than replace, existing Information Systems security measures.