Sweeter than honey: Are Gmail accounts associated with greater rewards at a higher risk of hijacking?

Danielle Stibbe; Stijn Ruiter; Wouter Steenbeek; Asier Moneva

doi:10.1016/j.chbr.2024.100410

Sweeter than honey: Are Gmail accounts associated with greater rewards at a higher risk of hijacking?

Danielle Stibbe, Stijn Ruiter^*, Wouter Steenbeek, Asier Moneva

^*Corresponding author for this work

Research output: Contribution to journal › Article › Academic › peer-review

Abstract

Objectives: This study investigates the effect of advertised rewards in credential leaks on the likelihood and speed of account hijacking. Methods: In an online field experiment, we created 176 honey Gmail accounts and randomly assigned them to eight different posts containing account credential leaks. We used a 2 × 2 experimental design, manipulating two key variables within the post titles: the number of accounts (5 K or 1.5 M) and the promise of access to additional platforms (absent or present). We then monitored the accounts for any subsequent activity. Results: Our findings indicate that the promise of access to additional platforms increased the likelihood and speed of an attempted access. Only 12 accounts were fully accessed, however, because most hijackers did not complete the second-factor authentication (2FA) process required for gaining full access. It seems that the 2FA acted as a deterrent to complete Gmail account hijacking. Conclusions: The study aligns with the rational choice perspective of crime, showing that the prospect of greater rewards leads to more attempted account accesses. Pre-registration: https://osf.io/9y26z.

Original language	English
Article number	100410
Number of pages	12
Journal	Computers in Human Behavior Reports
Volume	14
DOIs	https://doi.org/10.1016/j.chbr.2024.100410
Publication status	Published - May 2024

Bibliographical note

Publisher Copyright:
© 2024 The Authors

Keywords

Account hijacking
Cybercriminal decision-making
Hacker forums
Honey accounts
Personal data theft
Rational choice perspective
Target selection

UN SDGs

This output contributes to the following UN Sustainable Development Goals (SDGs)

Access to Document

10.1016/j.chbr.2024.100410Licence: CC BY

1-s2.0-S2451958824000435-mainFinal published version, 2.52 MBLicence: CC BY

Cite this

@article{7bc52b5436414528906826cf72607e48,

title = "Sweeter than honey: Are Gmail accounts associated with greater rewards at a higher risk of hijacking?",

abstract = "Objectives: This study investigates the effect of advertised rewards in credential leaks on the likelihood and speed of account hijacking. Methods: In an online field experiment, we created 176 honey Gmail accounts and randomly assigned them to eight different posts containing account credential leaks. We used a 2 × 2 experimental design, manipulating two key variables within the post titles: the number of accounts (5 K or 1.5 M) and the promise of access to additional platforms (absent or present). We then monitored the accounts for any subsequent activity. Results: Our findings indicate that the promise of access to additional platforms increased the likelihood and speed of an attempted access. Only 12 accounts were fully accessed, however, because most hijackers did not complete the second-factor authentication (2FA) process required for gaining full access. It seems that the 2FA acted as a deterrent to complete Gmail account hijacking. Conclusions: The study aligns with the rational choice perspective of crime, showing that the prospect of greater rewards leads to more attempted account accesses. Pre-registration: https://osf.io/9y26z.",

keywords = "Account hijacking, Cybercriminal decision-making, Hacker forums, Honey accounts, Personal data theft, Rational choice perspective, Target selection",

author = "Danielle Stibbe and Stijn Ruiter and Wouter Steenbeek and Asier Moneva",

note = "Publisher Copyright: {\textcopyright} 2024 The Authors",

year = "2024",

month = may,

doi = "10.1016/j.chbr.2024.100410",

language = "English",

volume = "14",

journal = "Computers in Human Behavior Reports",

issn = "2451-9588",

publisher = "Elsevier BV",

}

TY - JOUR

T1 - Sweeter than honey

T2 - Are Gmail accounts associated with greater rewards at a higher risk of hijacking?

AU - Stibbe, Danielle

AU - Ruiter, Stijn

AU - Steenbeek, Wouter

AU - Moneva, Asier

PY - 2024/5

Y1 - 2024/5

N2 - Objectives: This study investigates the effect of advertised rewards in credential leaks on the likelihood and speed of account hijacking. Methods: In an online field experiment, we created 176 honey Gmail accounts and randomly assigned them to eight different posts containing account credential leaks. We used a 2 × 2 experimental design, manipulating two key variables within the post titles: the number of accounts (5 K or 1.5 M) and the promise of access to additional platforms (absent or present). We then monitored the accounts for any subsequent activity. Results: Our findings indicate that the promise of access to additional platforms increased the likelihood and speed of an attempted access. Only 12 accounts were fully accessed, however, because most hijackers did not complete the second-factor authentication (2FA) process required for gaining full access. It seems that the 2FA acted as a deterrent to complete Gmail account hijacking. Conclusions: The study aligns with the rational choice perspective of crime, showing that the prospect of greater rewards leads to more attempted account accesses. Pre-registration: https://osf.io/9y26z.

AB - Objectives: This study investigates the effect of advertised rewards in credential leaks on the likelihood and speed of account hijacking. Methods: In an online field experiment, we created 176 honey Gmail accounts and randomly assigned them to eight different posts containing account credential leaks. We used a 2 × 2 experimental design, manipulating two key variables within the post titles: the number of accounts (5 K or 1.5 M) and the promise of access to additional platforms (absent or present). We then monitored the accounts for any subsequent activity. Results: Our findings indicate that the promise of access to additional platforms increased the likelihood and speed of an attempted access. Only 12 accounts were fully accessed, however, because most hijackers did not complete the second-factor authentication (2FA) process required for gaining full access. It seems that the 2FA acted as a deterrent to complete Gmail account hijacking. Conclusions: The study aligns with the rational choice perspective of crime, showing that the prospect of greater rewards leads to more attempted account accesses. Pre-registration: https://osf.io/9y26z.

KW - Account hijacking

KW - Cybercriminal decision-making

KW - Hacker forums

KW - Honey accounts

KW - Personal data theft

KW - Rational choice perspective

KW - Target selection

UR - http://www.scopus.com/inward/record.url?scp=85188989964&partnerID=8YFLogxK

U2 - 10.1016/j.chbr.2024.100410

DO - 10.1016/j.chbr.2024.100410

M3 - Article

AN - SCOPUS:85188989964

SN - 2451-9588

VL - 14

JO - Computers in Human Behavior Reports

JF - Computers in Human Behavior Reports

M1 - 100410

ER -

Sweeter than honey: Are Gmail accounts associated with greater rewards at a higher risk of hijacking?

Abstract

Bibliographical note

Keywords

UN SDGs

Access to Document

Other files and links

Fingerprint

Cite this