{"id":"https://openalex.org/W2911547762","doi":"https://doi.org/10.1145/3308558.3313489","title":"Hack for Hire: Exploring the Emerging Market for Account Hijacking","display_name":"Hack for Hire: Exploring the Emerging Market for Account Hijacking","publication_year":2019,"publication_date":"2019-05-13","ids":{"openalex":"https://openalex.org/W2911547762","doi":"https://doi.org/10.1145/3308558.3313489","mag":"2911547762"},"language":"en","primary_location":{"id":"doi:10.1145/3308558.3313489","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3308558.3313489","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3308558.3313489","source":null,"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"The World Wide Web Conference","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":true,"oa_status":"gold","oa_url":"https://dl.acm.org/doi/pdf/10.1145/3308558.3313489","any_repository_has_fulltext":null},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5089337298","display_name":"Ariana Mirian","orcid":"https://orcid.org/0009-0006-7293-3290"},"institutions":[{"id":"https://openalex.org/I36258959","display_name":"University of California, San Diego","ror":"https://ror.org/0168r3w48","country_code":"US","type":"education","lineage":["https://openalex.org/I36258959"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"Ariana Mirian","raw_affiliation_strings":["University of California San Diego, USA"],"affiliations":[{"raw_affiliation_string":"University of California San Diego, USA","institution_ids":["https://openalex.org/I36258959"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5032008716","display_name":"Joe DeBlasio","orcid":null},"institutions":[{"id":"https://openalex.org/I36258959","display_name":"University of California, San Diego","ror":"https://ror.org/0168r3w48","country_code":"US","type":"education","lineage":["https://openalex.org/I36258959"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Joe DeBlasio","raw_affiliation_strings":["University of California San Diego, USA"],"affiliations":[{"raw_affiliation_string":"University of California San Diego, USA","institution_ids":["https://openalex.org/I36258959"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5048394730","display_name":"Stefan Savage","orcid":"https://orcid.org/0000-0001-6617-8029"},"institutions":[{"id":"https://openalex.org/I36258959","display_name":"University of California, San Diego","ror":"https://ror.org/0168r3w48","country_code":"US","type":"education","lineage":["https://openalex.org/I36258959"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Stefan Savage","raw_affiliation_strings":["University of California San Diego, USA"],"affiliations":[{"raw_affiliation_string":"University of California San Diego, USA","institution_ids":["https://openalex.org/I36258959"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5081366293","display_name":"Geoffrey M. Voelker","orcid":"https://orcid.org/0000-0003-0865-7499"},"institutions":[{"id":"https://openalex.org/I36258959","display_name":"University of California, San Diego","ror":"https://ror.org/0168r3w48","country_code":"US","type":"education","lineage":["https://openalex.org/I36258959"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Geoffrey M. Voelker","raw_affiliation_strings":["University of California San Diego, USA"],"affiliations":[{"raw_affiliation_string":"University of California San Diego, USA","institution_ids":["https://openalex.org/I36258959"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5024050018","display_name":"Kurt Thomas","orcid":"https://orcid.org/0000-0002-3762-5851"},"institutions":[{"id":"https://openalex.org/I1291425158","display_name":"Google (United States)","ror":"https://ror.org/00njsd438","country_code":"US","type":"company","lineage":["https://openalex.org/I1291425158","https://openalex.org/I4210128969"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Kurt Thomas","raw_affiliation_strings":["Google, USA"],"affiliations":[{"raw_affiliation_string":"Google, USA","institution_ids":["https://openalex.org/I1291425158"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":5,"corresponding_author_ids":["https://openalex.org/A5089337298"],"corresponding_institution_ids":["https://openalex.org/I36258959"],"apc_list":null,"apc_paid":null,"fwci":6.6935,"has_fulltext":true,"cited_by_count":31,"citation_normalized_percentile":{"value":0.96767014,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":95,"max":99},"biblio":{"volume":null,"issue":null,"first_page":"1279","last_page":"1289"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11644","display_name":"Spam and Phishing Detection","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11644","display_name":"Spam and Phishing Detection","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11800","display_name":"User Authentication and Security Systems","score":0.9865999817848206,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11598","display_name":"Internet Traffic Analysis and Secure E-voting","score":0.9858999848365784,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/phishing","display_name":"Phishing","score":0.9054142236709595},{"id":"https://openalex.org/keywords/sophistication","display_name":"Sophistication","score":0.7923098802566528},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.6844891905784607},{"id":"https://openalex.org/keywords/authentication","display_name":"Authentication (law)","score":0.6819479465484619},{"id":"https://openalex.org/keywords/personalization","display_name":"Personalization","score":0.621116578578949},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.5839428901672363},{"id":"https://openalex.org/keywords/internet-privacy","display_name":"Internet privacy","score":0.49079546332359314},{"id":"https://openalex.org/keywords/cybercrime","display_name":"Cybercrime","score":0.4528050422668457},{"id":"https://openalex.org/keywords/multi-factor-authentication","display_name":"Multi-factor authentication","score":0.43246549367904663},{"id":"https://openalex.org/keywords/identity-theft","display_name":"Identity theft","score":0.4273260235786438},{"id":"https://openalex.org/keywords/service","display_name":"Service (business)","score":0.41711705923080444},{"id":"https://openalex.org/keywords/the-internet","display_name":"The Internet","score":0.3958350419998169},{"id":"https://openalex.org/keywords/world-wide-web","display_name":"World Wide Web","score":0.34791868925094604},{"id":"https://openalex.org/keywords/business","display_name":"Business","score":0.3462735712528229},{"id":"https://openalex.org/keywords/authentication-protocol","display_name":"Authentication protocol","score":0.09419125318527222},{"id":"https://openalex.org/keywords/marketing","display_name":"Marketing","score":0.08640998601913452}],"concepts":[{"id":"https://openalex.org/C83860907","wikidata":"https://www.wikidata.org/wiki/Q135005","display_name":"Phishing","level":3,"score":0.9054142236709595},{"id":"https://openalex.org/C168725872","wikidata":"https://www.wikidata.org/wiki/Q991663","display_name":"Sophistication","level":2,"score":0.7923098802566528},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.6844891905784607},{"id":"https://openalex.org/C148417208","wikidata":"https://www.wikidata.org/wiki/Q4825882","display_name":"Authentication (law)","level":2,"score":0.6819479465484619},{"id":"https://openalex.org/C183003079","wikidata":"https://www.wikidata.org/wiki/Q1000371","display_name":"Personalization","level":2,"score":0.621116578578949},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.5839428901672363},{"id":"https://openalex.org/C108827166","wikidata":"https://www.wikidata.org/wiki/Q175975","display_name":"Internet privacy","level":1,"score":0.49079546332359314},{"id":"https://openalex.org/C2779390178","wikidata":"https://www.wikidata.org/wiki/Q29137","display_name":"Cybercrime","level":3,"score":0.4528050422668457},{"id":"https://openalex.org/C194699767","wikidata":"https://www.wikidata.org/wiki/Q7878662","display_name":"Multi-factor authentication","level":4,"score":0.43246549367904663},{"id":"https://openalex.org/C522325796","wikidata":"https://www.wikidata.org/wiki/Q471880","display_name":"Identity theft","level":2,"score":0.4273260235786438},{"id":"https://openalex.org/C2780378061","wikidata":"https://www.wikidata.org/wiki/Q25351891","display_name":"Service (business)","level":2,"score":0.41711705923080444},{"id":"https://openalex.org/C110875604","wikidata":"https://www.wikidata.org/wiki/Q75","display_name":"The Internet","level":2,"score":0.3958350419998169},{"id":"https://openalex.org/C136764020","wikidata":"https://www.wikidata.org/wiki/Q466","display_name":"World Wide Web","level":1,"score":0.34791868925094604},{"id":"https://openalex.org/C144133560","wikidata":"https://www.wikidata.org/wiki/Q4830453","display_name":"Business","level":0,"score":0.3462735712528229},{"id":"https://openalex.org/C21564112","wikidata":"https://www.wikidata.org/wiki/Q4825885","display_name":"Authentication protocol","level":3,"score":0.09419125318527222},{"id":"https://openalex.org/C162853370","wikidata":"https://www.wikidata.org/wiki/Q39809","display_name":"Marketing","level":1,"score":0.08640998601913452},{"id":"https://openalex.org/C36289849","wikidata":"https://www.wikidata.org/wiki/Q34749","display_name":"Social science","level":1,"score":0.0},{"id":"https://openalex.org/C144024400","wikidata":"https://www.wikidata.org/wiki/Q21201","display_name":"Sociology","level":0,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1145/3308558.3313489","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3308558.3313489","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3308558.3313489","source":null,"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"The World Wide Web Conference","raw_type":"proceedings-article"}],"best_oa_location":{"id":"doi:10.1145/3308558.3313489","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3308558.3313489","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3308558.3313489","source":null,"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"The World Wide Web Conference","raw_type":"proceedings-article"},"sustainable_development_goals":[],"awards":[{"id":"https://openalex.org/G2587357081","display_name":null,"funder_award_id":"CNS-1629973 and CNS-1705050","funder_id":"https://openalex.org/F4320306076","funder_display_name":"National Science Foundation"},{"id":"https://openalex.org/G768852885","display_name":"II-New: A Dual-Purpose Data Analytics Laboratory","funder_award_id":"1629973","funder_id":"https://openalex.org/F4320306076","funder_display_name":"National Science Foundation"},{"id":"https://openalex.org/G8440009107","display_name":"SaTC: CORE: Medium: Large-Scale Characterization of DNS Abuse","funder_award_id":"1705050","funder_id":"https://openalex.org/F4320306076","funder_display_name":"National Science Foundation"}],"funders":[{"id":"https://openalex.org/F4320306076","display_name":"National Science Foundation","ror":"https://ror.org/021nxhr62"},{"id":"https://openalex.org/F4320338294","display_name":"Air Force Research Laboratory","ror":"https://ror.org/02e2egq70"}],"has_content":{"pdf":true,"grobid_xml":true},"content_urls":{"pdf":"https://content.openalex.org/works/W2911547762.pdf","grobid_xml":"https://content.openalex.org/works/W2911547762.grobid-xml"},"referenced_works_count":25,"referenced_works":["https://openalex.org/W755860182","https://openalex.org/W1560502112","https://openalex.org/W1815362064","https://openalex.org/W1975219037","https://openalex.org/W1983581110","https://openalex.org/W2059621117","https://openalex.org/W2073193131","https://openalex.org/W2082180526","https://openalex.org/W2099889974","https://openalex.org/W2125624394","https://openalex.org/W2136136174","https://openalex.org/W2139565456","https://openalex.org/W2162532690","https://openalex.org/W2163949443","https://openalex.org/W2184387311","https://openalex.org/W2344840125","https://openalex.org/W2550183133","https://openalex.org/W2604691034","https://openalex.org/W2753871665","https://openalex.org/W2765227388","https://openalex.org/W2807822918","https://openalex.org/W2900706516","https://openalex.org/W2914982603","https://openalex.org/W6684154300","https://openalex.org/W7044308114"],"related_works":["https://openalex.org/W187406759","https://openalex.org/W1648378477","https://openalex.org/W2032900633","https://openalex.org/W2595760708","https://openalex.org/W182956790","https://openalex.org/W2911255625","https://openalex.org/W2186893595","https://openalex.org/W1981963489","https://openalex.org/W1559396486","https://openalex.org/W3214845967"],"abstract_inverted_index":{"Email":[0],"accounts":[1],"represent":[2],"an":[3],"enticing":[4],"target":[5],"for":[6,9,69],"attackers,":[7],"both":[8],"the":[10,15,51,74,128,135,160],"information":[11],"they":[12,19],"contain":[13],"and":[14,35,53,94,143],"root":[16],"of":[17,63,100,162],"trust":[18],"provide":[20],"to":[21,39,50,72,79,82,121,130,157,159],"other":[22,163],"connected":[23],"web":[24],"services.":[25],"While":[26],"defense-in-depth":[27],"approaches":[28],"such":[29],"as":[30,67,86],"phishing":[31,116],"detection,":[32],"risk":[33],"analysis,":[34],"two-factor":[36,124],"authentication":[37],"help":[38],"stem":[40],"large-scale":[41],"hijackings,":[42],"targeted":[43,64],"attacks":[44],"remain":[45],"a":[46,61],"potent":[47],"threat":[48],"due":[49],"customization":[52],"effort":[54],"involved.":[55],"In":[56],"this":[57],"paper,":[58],"we":[59,88,109,149],"study":[60],"segment":[62],"attackers":[65,77],"known":[66],"\u201chack":[68],"hire\u201d":[70],"services":[71],"understand":[73],"playbook":[75],"that":[76,151],"use":[78],"gain":[80],"access":[81],"victim":[83],"accounts.":[84],"Posing":[85],"buyers,":[87],"interacted":[89],"with":[90,118],"27":[91],"English,":[92],"Russian,":[93],"Chinese":[95],"blackmarket":[96],"services,":[97],"only":[98],"five":[99],"which":[101],"succeeded":[102],"in":[103],"attacking":[104],"synthetic":[105],"(though":[106],"realistic)":[107],"identities":[108],"controlled.":[110],"Attackers":[111],"primarily":[112],"relied":[113],"on":[114],"tailored":[115],"messages,":[117],"enough":[119],"sophistication":[120],"bypass":[122],"SMS":[123],"authentication.":[125],"However,":[126],"despite":[127],"ability":[129],"successfully":[131],"deliver":[132],"account":[133],"access,":[134],"market":[136,165],"exhibited":[137],"low":[138],"volume,":[139],"poor":[140],"customer":[141],"service,":[142],"had":[144],"multiple":[145],"scammers.":[146],"As":[147],"such,":[148],"surmise":[150],"retail":[152],"email":[153],"hijacking":[154],"has":[155],"yet":[156],"mature":[158],"level":[161],"criminal":[164],"segments.":[166]},"counts_by_year":[{"year":2025,"cited_by_count":2},{"year":2024,"cited_by_count":6},{"year":2023,"cited_by_count":4},{"year":2022,"cited_by_count":3},{"year":2021,"cited_by_count":9},{"year":2020,"cited_by_count":4},{"year":2019,"cited_by_count":3}],"updated_date":"2026-04-10T15:06:20.359241","created_date":"2025-10-10T00:00:00"}