Skip to main content

Research Repository

Advanced Search

Tools and techniques for improving cyber situational awareness of targeted phishing attacks

Legg, Phil; Blackman, Tim


Tim Blackman


© 2019 IEEE. Phishing attacks continue to be one of the most common attack vectors used online today to deceive users, such that attackers can obtain unauthorised access or steal sensitive information. Phishing campaigns often vary in their level of sophistication, from mass distribution of generic content, such as delivery notifications, online purchase orders, and claims of winning the lottery, through to bespoke and highly-personalised messages that convincingly impersonate genuine communications (e.g., spearphishing attacks). There is a distinct trade-off here between the scale of an attack versus the effort required to curate content that is likely to convince an individual to carry out an action (typically, clicking a malicious hyperlink). In this short paper, we conduct a preliminary study on a recent realworld incident that strikes a balance between attacking at scale and personalised content. We adopt different visualisation tools and techniques for better assessing the scale and impact of the attack, that can be used both by security professionals to analyse the security incident, but could also be used to inform employees as a form of security awareness and training. We pitched the approach to IT professionals working in information security, who believe this may provide improved awareness of how targeted phishing campaigns can impact an organisation, and could contribute towards a pro-active step of how analysts will examine and mitigate the impact of future attacks across the organisation.


Legg, P., & Blackman, T. (2019). Tools and techniques for improving cyber situational awareness of targeted phishing attacks. .

Conference Name 2019 International Conference on Cyber Situational Awareness, Data Analytics and Assessment, Cyber SA 2019
Conference Location Oxford, England
Start Date Jun 3, 2019
End Date Jun 4, 2019
Acceptance Date Mar 26, 2019
Online Publication Date Jun 3, 2019
Publication Date Jun 1, 2019
Deposit Date Apr 9, 2019
Publicly Available Date Apr 9, 2019
Publisher Institute of Electrical and Electronics Engineers (IEEE)
Peer Reviewed Peer Reviewed
ISBN 9781728102320
Keywords cyber situational awareness, phishing, visualisation, user experience
Public URL
Publisher URL


phishing_poster_version-4.pdf (13.6 Mb)


Publisher Licence URL

Copyright Statement
(c) 2019 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other users, including reprinting/ republishing this material for advertising or promotional purposes, creating new collective works for resale or redistribution to servers or lists, or reuse of any copyrighted components of this work in other works.

You might also like

Downloadable Citations