Toward Improving University Students Awareness of Spam Email and Cybercrime: Case Study of Jordan Ahmed Manasrah Computer Science Yarmouk University Irbid, Jordan
[email protected]
Mohammed Akour Computer Information System Yarmouk University Irbid, Jordan
[email protected]
Abstract— Spam emails are rapidly increasing on a daily base. An attacker could attract the email users to open spam and click on the embedded links that could takes him to malicious Web pages. We tried to inspect the awareness and the attitude of college students in three main Universities in Jordan. As total, 600 students from educational, science and IT colleges were surveyed. Although most of the students who participated in the study were offensive towards the spam email and cybercrimes, few participants do nothing against it. The students’ major plays important role in increasing the awareness against the spam emails and cybercrimes. Moreover, we investigated three main factors as we thought it could attract the students to open and read the spam emails that could lead them to be a victim of cybercrimes. These factors are technological, social, economical and religious. The participation in this study was voluntary, only the students who have the willingness to participate in our study fill the survey. The result shows that some of the educational major participants are seldom use their email accounts, while others have some knowledge on spam emails and cybercrimes, yet they may get stimulated to follow certain emails. Those participants are more vulnerable to cybercrimes. Towards the end, we condensed a research direction and recommendations to rise up user’s awareness and arm them well to the battle with spam emails and cybercrimes.
Emad Alsukhni Computer Information System Yarmouk University Irbid, Jordan
[email protected]
attacker might mislead naïve users and asks them indirectly to visit certain Web pages that implicate malicious content. One of the known ways in this regard is to send out spam emails embedded links to malicious Web pages. This requires the user to open the spam email and click on the embedded links [3]. After extensive measurements of three months of diverse spam data, a holistic analysis that quantifies full set of resources employed to monetize spam emails are presented and described [4]. Nowadays, ICT networks are the targets of various attacks. One of these attacks is the spam email. Spamming in the electronic communications medium is the action of sending unsolicited commercial messages in bulk without the explicit permission or desire of the recipients [5]. The lack of user awareness makes such attack still exists and hence, successful.
I. INTRODUCTION
Spammers inject the Internet with the spam emails, which in turn effect the communications over the Internet. They abuse the Internet; infect the networks traffic, and destroy productivity. In the recent years, spam emails were almost 71% of the overall emails sent over the Internet. In addition, spam emails may embed viruses and many threats to be distributed among the Internet users. This is why it is very important to fight spam emails and try to reduce their effect on network or Internet users.
Electronic email is extensively used and plays a significant role as a mechanism of formal and informal low cost communication. Although email offers variety of benefits to its users, it is abusing by others to send junk or spam email. The first junk or marketing email message was sent in 1978 on the Arpanet, the Department of Defenses forerunner to today’s Internet [1]. Junk or Spam emails are continually increasing because there are many on the shelf tools that make the process of generating and sending spam email so easy and cheap.
The first step to overcome the spam emails effect on the user’s machine is to instill the awareness of the spam emails affect on the users and their daily activities. In addition, we can eliminate spammer and spam emails, by cooperation with the technical industries and the government in legal sphere to reduce the problem of spam emails. As a result for such need, ITU stresses on such cooperation through their botnet mitigation toolkit and the establishment of IMPACT to bring governments together against the cyber threats/crimes.
Keywords—Spam Email, phishing, Cybercrime.
Junk e-mail (spam) is an ever-increasing problem on the Internet; constantly require new solutions [2]. An 978-1-4799-7620-1/15/$31.00 ©2015 IEEE
As a result, fighting spam emails has to start with raising the user’s awareness to the problem. Therefore, we choose to evaluate the students of Jordanian universities awareness to the problem as a sample. Furthermore, to investigate the students’ awareness of spam and junk emails as a defensive pattern against malicious attitude and cybercrimes, a study with special research goal is conducted in three Jordanian Universities in the Fall 2014 semester. The Universities are Yarmouk University, Hashemite University and Albalqa Applied University. In this study we addressed several issues related to spam emails summarized as follows: 1. What is your own opinion about the spam email? 2. What are the actions you are taking to protect yourself from spam email and cybercrimes? 3. Does the students’ major plays a significant role in dealing with spam and cybercrimes? 4. Do you take a backup of your Pc contents, especially personal stuff? 5. Do you let the browsers to remember your passwords? For this purpose, we investigated Four hypotheses, 1) IT students have more awareness about spam email and cybercrimes (Technological awareness), 2) the majority of the students will not hesitate to click on the URLs that are embedded in the emails received from relatives and friends (social), 3) the majority of the students could be trapped and send their credit card or bank account information to receive the award in the spam email. Moreover, the majority of the students will be attractive to go to the links inside the email to catch the provided cheap prices offers (economical), 4) The majority of the students could be spammed by opening religious email that contains an offence to relegious icons (religious). The rest of the paper is organized as follows: in section II we list and describe a general background and some empirical studies on spam and cybercrimes and how to deal with spam emails. Section III describes the research methodology, hypothesis, attractive factors, survey questions and participants. The result and discussion are described in section IV. Section V concludes the paper and presents the future work. II. RELATED WORK Shalendra [5] proposed a framework based on the CRM114 (acronym for the Controllable Regex Mutilator concept 114) filter that is produced by Dr. William “Bill” S. Yerazunis from Mitsubishi Electric Research Laboratories (MERL) in 2002. This filter can be used for small, medium and large enterprises, as it is able to filter up to one million client email accounts.
Besides using CRM114 filter; the framework has implemented the concept of Internet postage, which is known as the CAMRAM. Veerasamy et al [6] introduce the most pertinent attack strategies and trends including SPAM. Furthermore, they concentrate on the lines of cyber crime, information warfare and cyber terror to grab the attention to the key concerns at a national, commercial, governmental and individual level. The monitored email traffic in the previous year’s showed that around 71% of this traffic is a SPAM [6]. Furthermore, spam could be used to distribute the phishing scams. This leads to the fact that the poor user awareness such as ignorant or illinformed could be manipulated by clicking the received link, as the user trust these links and believe that it is a legitimate email from the vendor [7]. The user could receive spams in many forms, such as PDF, images and images (complex images, random pixels and borders to disguise intention [8]. The infected emails will try to attract the user by providing an attractive subjects or contents. For example, these emails may provide a good discount on some materials such as swatches, clothes or mobile phones. However, McCola corporation have been responsible for around 60% of the world spam till the year of 2008[8]. As the world suffer from the downturn in the economy and unemployment in a high range, this all together will increase the people’s fears of having an additional crucial problem such as SPAMs. In parallel, the number of fake websites and services being hosted is growing up as McAaffee predicted during 2009 [7]. Cluley [9] showed that an increasing number of security threats especially spams are targeting the social networks like Facebook, Hi5, Friendster and MySpace and security exploits. These threats including spams are spread throughout the invitations that provide the receiver with link to a video, which will ask for a flash player update. Once the user agrees to download the updates, the link will be redirected to some other server and download a malicious code to be installed on the user machine. A few defensive techniques are provided to help users to protect their machines against the security attacks including spam emails. These techniques varying from some advices to the user, following the trusted links by making sure of the links vendors, and installing antispam software[7] . Shawn et al [10] introduced three solutions to overcome the spam emails. The first solution is Cognitive Buoyancy, the second is Message Constellation and the third one is Intelligent Subject Line which is within our scope.
The subject line is proposed to determine the potential relevance among the email messages. It is the most important factor that leads the user to decide which message to open and which one to discard. It is the subject line which makes the user makes decision about the relevancy of the messages. It could be the organization, project or could be the context. The main hitch is that the subject line is not supported by the email applications. Using the subject line would have a good effect on reducing email overload with high efficiency. The main idea is how to make the user able to predict the message context before opening it, this could be done by using meaningful subjects in the email messages rather than using a misleading subject lines. According to the Messaging Anti-Abuse Working Group (MAAWG) and based on a survey covering North America and Western Europe, a significant percentage of consumers continue to interact with spam despite their awareness of how bots and viruses spread through risky email behavior. The most striking results from this research is that while 82% of consumers are aware of "bots" and malware threats, only 20% believe there is a very good chance their computers could get infected [11]. Most spam originates from computers infected with a "bot," [12] that is malware covertly downloaded to a computer and used to send spam or carry out other malicious functions without the owner's knowledge [11]. The Controlling the Assault of Non-Solicited Pornography and Marketing Act (CAN-SPAM) went into effect in January 2004. According to this Act, email marketers must label their messages as advertisements, include an Internet-based opt-out feature for the recipient that is active for 30 days; and provide the marketing company’s physical address in the message. Some criticize the Act because it legalizes certain forms of spam, including provisions that make it easier for spammers to continue their spam sending activities [13]. On the other hand, some people do read and respond to spam, which further encourages spammers’ endeavors, since a small percentage of responses is enough to justify the cost of sending spam [14] According to the International Telecommunications Union (ITU), the impact of spam on the Internet community is great, causing significant financial costs and losses in productivity. Spam is not only growing, but also evolving in its nature: the emergence of fraudulent spam raises issues for individuals and businesses alike, including invasion of privacy, exposure to illegal or offensive content, misleading trade practices and expense, menacing the effectiveness of electronic communication and legitimate online business. Spam that carries dangerous computer viruses also constitutes a threat to the security of the information infrastructure. According to MessageLabs, spam has grown to represent almost 76% of the total email traffic [15]. The estimated costs to the global economy are approximately USD 25 billion. This is due to the material cost of the time spent identifying and deleting unsolicited messages. It is therefore costly in terms of
productivity loss and the need for technical support and software solutions [16]. According to Spam Laws in ‘Spam Statistics and Facts on Spam’, spam accounts for 14.5 billion messages globally per day that is it makes up 45% of all emails. Some research companies estimate that spam takes up an even greater portion of global emails. Because spam has inundated both the personal and corporate emailing, it has affected the way that individuals and companies feel about spam. According to the Symantec Report (2010), scam and phishing messages in March this year accounted for 17% of all spam, which is 2 percentage points lower than in February. After the tragic earthquakes in Haiti and in Chile, there were no additional natural disasters for spammers to take advantage of. Instead, spammers continued to focus on seasonal and calendar events such as Easter holiday to deliver spam messages. With respect to spam message size, there was a sizeable increase in spam messages between 5kb and 10kb (up over 10 percentage points), which correlates to an increase in attachment spam. Overall, spam made up 89.34 percent of all messages in March, compared with 89.99 percent in February.
III. RESEARCH METHODOLOGY. To the best of our knowledge, this study never been carried out in any of the middle east region. Our research intended to: 1) Assess different major student’s awareness of spam email and cybercrime. 2) Address four main factors that could pull email users to interact with spam emails by opening, reading, and following the embedded link in the email. All participant students asked to complete the same survey. In this section we described the major used in this study, our hypotheses. A.
Participant Students
A questionnaire is distributed among students who enrolled in the IT, Science and education college from three Jordanian public universities. The Universities are Hashemite University, Yarmuok University and Albalqa Applied University. Two hundred questionnaires are distributed in each university, One hundred for the IT students and one hundred for the education students. As a total, six hundred questionnaires are distributed in the three universities. The participation in this study was voluntary, 20 students decided not to participate. Thirty students declared that they seldom access their emails. We exclude these participants. The remaining 550 participant students involved 275 males (50%) and 275 females (50 %).
B.
Attractive factors and Research Hypotheses
The main question to address here is what attracts users to open the received emails even though they are from unknown senders. Therefore, we believe that students could be trapped as they tend to one of the four main factors we studied in this research. The topic of spam email could attract and pull the students to deal with it, which may convert them to a cybercrimes victim. These factors are technological, social, economical and religious factors. The reason behind these factors is that spam emails are carrying content or even titles under the parasol of one or more of these factors. Furthermore, these factors are attractive points to the users to follow certain emails based on their believe and society. Hence, we are studying student’s universities attitude as they represent a sample of our community. That community clings to his religion and respects other’s religion characterized by the strongest and warmest social relations. That community looks forward to get the latest technology and software to cope with the technology exposure. Human being might not ignore emails that come from relatives or friends. Spam emails are not expecting from relative, as it doesn’t make any sense. The dissemination of fraud emails about a millions of dollars awards is noticeable nowadays. Furthermore, the emails contains coupons and offers on clothes, cosmetics, and much other stuff are an attractive way to draw email users to harm their pc, hack their email, pinched their sensitive information etc. To properly address Universities students’ awareness and the defensive action against spam emails and cybercrimes, we formulate four hypotheses as follows: 1) IT students have more awareness about spam email and cybercrimes (Technological awareness), 2) the majority of the students will not hesitate to click on the URLs that are embedded in the emails received from relatives and friends (social), 3) the majority of the students could be trapped and send their credit card or bank account information to receive the award in the spam email. Moreover, the majority of the students will be attractive to go to the links inside the email to catch the provided cheap prices offers (economical), 4) The majority of the students could be spammed by opening religious email that contains an offence to relegious icons (religious). C. Survey Questions Participants were asked to complete 3 pages survey on their experience and knowledge about spam email and cybercrimes. The defensive action and the procedures
they employ to protect their self from spam emails and cybercrimes. To assess the level of the experience and knowledge of the participants on spam email and cybercrimes, the responses were scaled from 1 = beginner to 4 = expert. To assess the procedures and defensive actions participants might take against spam and cybercrimes, students were asked to mark from a list of popular responses (no action, remove, filtering, contact Internet service provider, contact representative, other). If the participant checks other action, we ask him/her to indicate the particular action. Finally, we use likert 4-point scale to indicate the answer of the other questions (i.e. always, sometimes, never, I have no clue) IV. RESULTS AND DISCUSSION In order to accept or reject each hypothesis, we consider alpha =0.05. Alpha levels are commonly employed in hypothesis test. The alpha level is the probability of rejecting the null hypothesis when the null hypothesis is true. Researchers conclude that an alpha level of 5% is a good balance between Supporting the alternate hypothesis when the null hypothesis is true, and Not supporting the alternate hypothesis when the alternate hypothesis is true. If the reliability (R) > alpha, we accept our hypothesis otherwise we reject it. We employed SPSS [17] to perform the required analysis and check the hypotheses. At the beginning, we check the following 4 general hypotheses, H1- technological awareness plays significant role in dealing with spam and taking defensive action against cybercrimes, H2social factor could help in spreading spams and threaten email user to be a victim of cybercrime, H3- religious factor could help in spreading spams and threaten email user to be a victim of cybercrime H4- economical factor could help in spreading and threaten email users to be a victim of cybercrime. Table 1 represents the total number of survey questions for each general hypothesis, the associated reliability value, and the result for each hypothesis. Hypothesis H1 H2 H3 H4
Table 1. General Hypotheses R Values # of R value Acceptance questions 18 0.644 Accept 15 0.401 Accept 10 0.614 Accept 7 0.386 Accept
Table 1 shows the number of questions under the umbrella of each hypothesis. Moreover, table 1 shows how the Reliability (R) value is greater than alpha (.05)
of the four general hypotheses. Therefore, we accepted the four hypotheses. We employed Spearman nonparametric correlation to statistically testing our hypothesis and perform the comparison between the IT student’s awareness and the other two student’s colleges. The result shows how there are significant differences between the IT students and other two colleges in term of the awareness of spam email and cybercrimes. That gives evidence that IT students have more knowledge, experience and techniques to defend their selves against spam email and cybercrimes. The resulted p-value was .003, which is less than the significance level (0.05). Therefore, we conclude that Hypothesis 1 can be accepted. For hypothesis 2, the p-value was .002. That means the majority of the students from the three colleges under study would open and read emails from their relatives. If the received email was a spam and contains an embedded viruses, that could get the receiver to be hacked. Based on the p-value, we accepted the hypothesis 2. Hypothesis 3 depicted two different attitudes. We assumed that the students could send their credit card or bank account information as a response to an email that offer an award or bank check. The p-value was 0.078, which is greater than 0.05. That means hypothesis 3 part one is rejected. The majority of the students don’t share their monetary information. The p-value was .025 for Part 2 of hypothesis 3. That means, our hypothesis is accepted. For hypothesis 4, the p-value was 0.89 which is greater than 0.5. That means our assumption was wrong, the students don’t read or deal with email contains religious content even if it contains insults. Therefore, we rejected hypothesis 4. V. CONCLUSION In this research, we surveyed three public universities students in Jordan to identify the factors that stimulate the community to follow certain emails and attract them. The factors are technological, social, economical and religious factors. Through the survey, students knowledge to the characteristics of spam emails, the awareness of spam emails, email security and practices, students email habits, the stimulating factors to click embedded URLs were analyzed. The obtained results show that the technological aspects are well established among the studied sample and they are aware of the SPAM and their harm. However, social aspects are the main source of spam emails especially if it comes form a hacked relative or friend or even spoofed account. And since the online transactions is not widely trusted among the studied sample, revealing credit cards number or bank account information is
not possible and hence, it is not a major factor within the Jordanian society. However, visiting embedded links inside emails that promises discounts and cheap prices or special offers is possible even thought it is from an unknown sender. On the other hand, the majority of the students do not follow links or emails with religious contents or titles. However, we noticed that certain contexts and titles might play an important role in attracting and stimulating the students to follow malicious emails. This point is a promise research direction worth studying as a future work. At the end, it is concluded that even though the Jordanian society are aware of the spam email issues and harm, but still spam emails can get through. Therefore, it is recommended that raising the society awareness has to be through an educational model relies on one’s attitude and intention to predict actual behaviour. For instance, the theory of Reasoned Action [18] suggests that a person's behaviour is determined by his/her intention to perform the behaviour and that this intention is, in turn, a function of his/her attitude toward the behaviour and his/her subjective norm. Which was supported in our research through the technological, social, economical and religious aspects towards spam emails. REFERENCES [1]
Hinde, S. Spam: The evolution of a nuisance. Computers & Security, 2003, pp. 474–478. [2] Leiba, B. and Ossher, J. and Rajan, V.T. and Segal, R. and Wegman, US Patent 7,475,118} [3] Niels Provos, Moheeb Abu Rajab, and Panayiotis Mavrommatis. 2009. Cybercrime 2.0: when the cloud turns dark. Commun. ACM 52, 4 (April 2009), 42-47. DOI=10.1145/1498765.1498782 http://doi.acm.org/10.1145/1498765.1498782 [4] Kirill Levchenko, Andreas Pitsillidis, Neha Chachra, Brandon Enright, Márk Félegyházi, Chris Grier, Tristan Halvorson, Chris Kanich, Christian Kreibich, He Liu, Damon McCoy, Nicholas Weaver, Vern Paxson, Geoffrey M. Voelker, and Stefan Savage. 2011. Click Trajectories: End-to-End Analysis of the Spam Value Chain. In Proceedings of the 2011 IEEE Symposium on Security and Privacy (SP '11). IEEE Computer Society, Washington, DC, USA, 431446. DOI=10.1109/SP.2011.24 http://dx.doi.org/10.1109/SP.2011.24 [5] Shalendra Chhabra, Fighting Spam, Phishing and Email Fraud, in Computer Sciences Department, University of California, Riverside. p. 244.2005. [6] Dean Turner Marc Fossi, Eric Johnson,Trevor Mack,Téo Adams, Joseph Blackbird, Stephen Entwisle, Brent Graveland, David McKinney, Joanne Mulcahy, Candid Wueest, Symantec Global Internet Security Threat Report trends for 2009, Symantec enterprise security.2010. [7] N Veerasamy & B Taute, AN INTRODUCTION TO EMERGING THREATS AND VULNERABILITIES TO CREATE USER AWARENESS Council for Scientific and Industrial Research (CSIR), Editor, CSIR: CSIR.2009. [8] Anonymous, IBM Internet Security Systems X-Force 2008 Trend and Risk Report, IBM Global Technology Services, Editor, IBM Global Technology Services.2009. [9] G. Cluley, Viruses and Spam 2008: A look at the current security landscape and future trends.2008. [10] David Tinapple Shawn A. Weil, David D. Woods. NEW APPROACHES TO OVERCOMING E-MAIL OVERLOAD. in the HUMAN FACTORS AND ERGONOMICS SOCIETY 48th ANNUAL
[11]
[12]
[13] [14]
[15] [16]
[17] [18]
MEETING. the HUMAN FACTORS AND ERGONOMICS SOCIETY 48th ANNUAL MEETING, 2004. MAAWG: A Look at Consumers' Awareness of Email Security, Part 2. Published: June 1 2009, Retrieved April 23 2010. http://www.maawg.org/published-documents MyCERT Quarterly Summary (Q4) 2008. Retrieved April 28 2010. www.mycert.org.my Ars Technica, "Report: spam-wielding botnets are working 9 to 5" by Jacqui Cheng. Published: May 27, 2009 2:33 PM, Retrieved Mei 8 2010. http://arstechnica.com/web/news/2009/05/report-spam-wielding-botnetsapparently-like-us-work-hours.ars Lee, Y (2005): The CAN-SPAM Act: a silver bullet solution?. In Communications of the ACM, 48 (6) pp. 131-132. Wood, W.A. & Li, S (2006): Longitudinal Study of the Impact Of EMail And Spam. In Issues in Information Systems, Volume VII(2) pp. 327-332. MessageLabs Releases Spam Report, http://www.symantec.com/, 2008. Access on 2014. NISER REPORT: Anti-Spam Framework of Best Practices and Technical Guidelines, Issue 2.00. Published April 11 2005, Retrieved 25 April 2010. http://www.cybersecurity.my/data/content_files/13/65.pdf?.diff=117641 8561 IBM Corp. Released 2012. IBM SPSS Statistics for Windows, Version 21.0. Armonk, NY: IBM Corp. J. L. Hale, B. J. Householder and K. L. Greene, "The theory of reasoned action," in The Persuasion Handbook: Developments in Theory and Practice J. P. Dillard and M. Pfau, Eds. Sage Publications, Thousand Oaks, California, 2002
