This paper provides a large-scale characterization of Telegram bots, revealing that while they serve useful functions like crowdsourcing, they are also extensively used for malicious activities such a…

The paper empirically compares the security and privacy implementation characteristics of major Android messaging apps (Meta Messenger, Signal, and Telegram) using static and dynamic analysis, finding…

The paper empirically investigates the lead marketing ecosystem, revealing a highly non-compliant system that aggressively collects, shares, and monetizes sensitive personal data through deceptive bro…

This systematic review analyzes the current state of SMS phishing (smishing) attacks and defenses, organizing existing research into four pillars to identify gaps and propose future mitigation strateg…

The paper argues that deepfake detection research is misaligned because it focuses on historical threats (public-figure face-swaps) while ignoring the dominant, emerging harms like NCII, voice-cloning…

This paper analyzes the Solana Rug Pull ecosystem by creating a large-scale, manually verified dataset of fraudulent tokens, identifying three key behavioral patterns, and characterizing the resulting…

This study provides the first large-scale analysis of video piracy on Telegram, quantifying its massive financial impact and developing a resilient detection framework, Anti-RIP, to combat it.

The paper introduces GuardPhish, a large-scale dataset and evaluation framework, demonstrating that even high-performing open-source LLMs can generate actionable phishing content despite accurate inte…

GuardSec is a deployable, multi-modal web platform designed for the African context that enables non-technical users to perform real-time digital fraud detection and assess their own connection securi…

The paper introduces McNdroid, a large longitudinal multimodal benchmark for Android malware, demonstrating that temporal drift significantly degrades detection performance, which is best mitigated by…

The paper proposes a novel structural invariant approach, derived from the economic constraints of fraud, that amplifies weak, low-precision signals into highly accurate fraud detections without requi…

This paper introduces a machine learning system that detects phishing emails by analyzing contextual features from the entire email body content, achieving 95.41% accuracy using Logistic Regression.

This study provides a longitudinal analysis of dark web content, revealing that cybercrime discussions are dominated by a few persistent core topics rather than rapidly shifting themes.

The paper introduces TeleHunt, a comprehensive framework and tool that systematically evaluates various strategies for efficiently discovering cybercriminal communities operating on Telegram.

This paper empirically characterizes the clandestine third-party iOS app stores in Iran, revealing a complex ecosystem driven by sanctions and censorship that facilitates piracy, unauthorized monetiza…

This paper provides a comprehensive, structured list of 42 email-based deception techniques, complete with 64 concrete examples, to serve as a modular reference for developing countermeasures.

The paper proposes an on-device framework to detect and prevent the forwarding of images that have been physically recaptured (photographed) from a mobile screen, addressing the Screen Recaptured Anal…

The paper analyzes and documents various double-dip reward abuse attacks that exploit flaws in how cashback and reward engines handle transaction refunds, proposing formal invariants and defensive alg…

The paper proposes an embarrassingly simple detector that monitors model extraction attacks by testing whether the aggregate distribution of incoming LLM queries deviates from the historical distribut…

The paper introduces a synthetic dataset of multi-round conversations to detect conversational smishing, finding that XGBoost with TF-IDF features achieved the best performance (72.5% accuracy).