{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,10]],"date-time":"2026-03-10T14:58:21Z","timestamp":1773154701842,"version":"3.50.1"},"publisher-location":"New York, NY, USA","reference-count":40,"publisher":"ACM","license":[{"start":{"date-parts":[[2017,10,30]],"date-time":"2017-10-30T00:00:00Z","timestamp":1509321600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by-nc-nd\/4.0\/"}],"funder":[{"DOI":"10.13039\/100000001","name":"NSF","doi-asserted-by":"publisher","award":["CNS-1237265"],"award-info":[{"award-number":["CNS-1237265"]}],"id":[{"id":"10.13039\/100000001","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2017,10,30]]},"DOI":"10.1145\/3133956.3134067","type":"proceedings-article","created":{"date-parts":[[2017,10,27]],"date-time":"2017-10-27T12:48:18Z","timestamp":1509108498000},"page":"1421-1434","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":144,"title":["Data Breaches, Phishing, or Malware?"],"prefix":"10.1145","author":[{"given":"Kurt","family":"Thomas","sequence":"first","affiliation":[{"name":"Google, Mountain View, CA, USA"}]},{"given":"Frank","family":"Li","sequence":"additional","affiliation":[{"name":"University of California, Berkeley, Berkeley, CA, USA"}]},{"given":"Ali","family":"Zand","sequence":"additional","affiliation":[{"name":"Google, Mountain View, CA, USA"}]},{"given":"Jacob","family":"Barrett","sequence":"additional","affiliation":[{"name":"Google, Mountain Vieww, CA, USA"}]},{"given":"Juri","family":"Ranieri","sequence":"additional","affiliation":[{"name":"Google, Mountain View, CA, USA"}]},{"given":"Luca","family":"Invernizzi","sequence":"additional","affiliation":[{"name":"Google, Mountain View, CA, USA"}]},{"given":"Yarik","family":"Markov","sequence":"additional","affiliation":[{"name":"Google, Mountain View, CA, USA"}]},{"given":"Oxana","family":"Comanescu","sequence":"additional","affiliation":[{"name":"Google, Mountain View, CA, USA"}]},{"given":"Vijay","family":"Eranti","sequence":"additional","affiliation":[{"name":"Google, Mountain View, CA, USA"}]},{"given":"Angelika","family":"Moscicki","sequence":"additional","affiliation":[{"name":"Google, Mountain View, CA, USA"}]},{"given":"Daniel","family":"Margolis","sequence":"additional","affiliation":[{"name":"Google, Mountain View, CA, USA"}]},{"given":"Vern","family":"Paxson","sequence":"additional","affiliation":[{"name":"University of California, Berkeley & International Computer Science Institute, Berkeley, CA, USA"}]},{"given":"Elie","family":"Bursztein","sequence":"additional","affiliation":[{"name":"Google, Mountain View, CA, USA"}]}],"member":"320","published-online":{"date-parts":[[2017,10,30]]},"reference":[{"key":"e_1_3_2_2_1_1","doi-asserted-by":"publisher","DOI":"10.7249\/RR1187"},{"key":"e_1_3_2_2_2_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2012.49"},{"key":"e_1_3_2_2_3_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2012.44"},{"key":"e_1_3_2_2_4_1","volume-title":"Elie Bursztein and Mark Risher. Cleaning up after password dumps. https:\/\/security.googleblog.com\/2014\/09\/cleaning-up-after-password-dumps.html","author":"Borbala Benko Tadek Pietraszek","year":"2014","unstructured":"Tadek Pietraszek Borbala Benko, Elie Bursztein and Mark Risher. Cleaning up after password dumps. https:\/\/security.googleblog.com\/2014\/09\/cleaning-up-after-password-dumps.html, 2014."},{"key":"e_1_3_2_2_5_1","doi-asserted-by":"publisher","DOI":"10.1145\/2663716.2663749"},{"key":"e_1_3_2_2_6_1","volume-title":"REAPER: an automated, scalable solution for mass credential harvesting and OSINT. In eCrime Researchers Summit","author":"Butler Blake","year":"2016","unstructured":"Blake Butler, Brad Wardman, and Nate Pratt. REAPER: an automated, scalable solution for mass credential harvesting and OSINT. In eCrime Researchers Summit, 2016."},{"key":"e_1_3_2_2_7_1","volume-title":"IJICIC","author":"Chou Hsien-Cheng","year":"2013","unstructured":"Hsien-Cheng Chou, Hung-Chang Lee, Hwan-Jeu Yu, Fei-Pei Lai, Kuo-Hsuan Huang, and Chih-Wen Hsueh. Password cracking based on learned patterns from disclosed passwords. IJICIC, 2013."},{"key":"e_1_3_2_2_8_1","volume-title":"Proceedings of the USENIX Workshop on Offensive Technologies","author":"Cova Marco","year":"2008","unstructured":"Marco Cova, Christopher Kruegel, and Giovanni Vigna. There is no free phish: an analysis of \"free\" and live phishing kits. In Proceedings of the USENIX Workshop on Offensive Technologies, 2008."},{"key":"e_1_3_2_2_9_1","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2014.23357"},{"key":"e_1_3_2_2_10_1","doi-asserted-by":"publisher","DOI":"10.1109\/INFCOM.2010.5461951"},{"key":"e_1_3_2_2_11_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-34638-5_11"},{"key":"e_1_3_2_2_12_1","volume-title":"Hacker tries to sell 427 milllion stolen myspace passwords for $2,800. https:\/\/motherboard.vice.com\/en_us\/article\/427-million-myspace-passwords-emails-data-breach","author":"Franceschi-Bicchierai Lorenzo","year":"2016","unstructured":"Lorenzo Franceschi-Bicchierai. Hacker tries to sell 427 milllion stolen myspace passwords for $2,800. https:\/\/motherboard.vice.com\/en_us\/article\/427-million-myspace-passwords-emails-data-breach, 2016."},{"key":"e_1_3_2_2_13_1","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2016.23240"},{"key":"e_1_3_2_2_14_1","doi-asserted-by":"publisher","DOI":"10.1145\/1879141.1879147"},{"key":"e_1_3_2_2_15_1","volume-title":"Dropbox hack leads to leaking of 68m user passwords on the internet. https:\/\/www.theguardian.com\/technology\/2016\/aug\/31\/dropbox-hack-passwords-68m-data-breach","author":"Gibbs Samuel","year":"2016","unstructured":"Samuel Gibbs. Dropbox hack leads to leaking of 68m user passwords on the internet. https:\/\/www.theguardian.com\/technology\/2016\/aug\/31\/dropbox-hack-passwords-68m-data-breach, 2016."},{"key":"e_1_3_2_2_16_1","volume-title":"Yahoo says 1 billion user accounts were hacked. https:\/\/www.nytimes.com\/2016\/12\/14\/technology\/yahoo-hack.html","author":"Goel Vindu","year":"2016","unstructured":"Vindu Goel and Nicole Perlroth. Yahoo says 1 billion user accounts were hacked. https:\/\/www.nytimes.com\/2016\/12\/14\/technology\/yahoo-hack.html, 2016."},{"key":"e_1_3_2_2_17_1","volume-title":"Hackers hit macron with huge email leak ahead of french election. https:\/\/www.wired.com\/2017\/05\/macron-email-hack-french-election\/","author":"Greenberg Andy","year":"2017","unstructured":"Andy Greenberg. Hackers hit macron with huge email leak ahead of french election. https:\/\/www.wired.com\/2017\/05\/macron-email-hack-french-election\/, 2017."},{"key":"e_1_3_2_2_18_1","unstructured":"Robert Hackett. Linkedin lost 167 million account credentials in data breach. http:\/\/fortune.com\/2016\/05\/18\/linkedin-data-breach-email-password\/ 2016."},{"key":"e_1_3_2_2_19_1","doi-asserted-by":"publisher","DOI":"10.1145\/2976749.2978330"},{"key":"e_1_3_2_2_20_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-04444-1_1"},{"key":"e_1_3_2_2_21_1","volume-title":"How apple and amazon security flaws led to my epic hacking. https:\/\/www.wired.com\/2012\/08\/apple-amazon-mat-honan-hacking\/","author":"Honan Mat","year":"2012","unstructured":"Mat Honan. How apple and amazon security flaws led to my epic hacking. https:\/\/www.wired.com\/2012\/08\/apple-amazon-mat-honan-hacking\/, 2012."},{"key":"e_1_3_2_2_22_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2016.50"},{"key":"e_1_3_2_2_23_1","volume-title":"Symposium on Usable Privacy and Security (SOUPS)","author":"Ion Iulia","year":"2015","unstructured":"Iulia Ion, Rob Reeder, and Sunny Consolvo. ... no one can hack my mind: comparing expert and non-expert security practices. In Symposium on Usable Privacy and Security (SOUPS), 2015."},{"key":"e_1_3_2_2_24_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2012.38"},{"key":"e_1_3_2_2_25_1","volume-title":"Adobe breach impacted at least 38 million users. https:\/\/krebsonsecurity.com\/2013\/10\/adobe-breach-impacted-at-least-38-million-users\/","author":"Krebs Brian","year":"2013","unstructured":"Brian Krebs. Adobe breach impacted at least 38 million users. https:\/\/krebsonsecurity.com\/2013\/10\/adobe-breach-impacted-at-least-38-million-users\/, 2013."},{"key":"e_1_3_2_2_26_1","volume-title":"Ap twitter account hacked in market-moving attack. https:\/\/www.bloomberg.com\/news\/articles\/2013-04--23\/dow-jones-drops-recovers-after-false-report-on-ap-twitter-page","author":"Lee Edmund","year":"2013","unstructured":"Edmund Lee. Ap twitter account hacked in market-moving attack. https:\/\/www.bloomberg.com\/news\/articles\/2013-04--23\/dow-jones-drops-recovers-after-false-report-on-ap-twitter-page, 2013."},{"key":"e_1_3_2_2_27_1","volume-title":"Proceedings of the USENIX Security Symposium","author":"Marczak William R","year":"2014","unstructured":"William R Marczak, John Scott-Railton, Morgan Marquis-Boire, and Vern Paxson. When governments hack opponents: a look at actors and technology. In Proceedings of the USENIX Security Symposium, 2014."},{"key":"e_1_3_2_2_28_1","unstructured":"Bakuei Matsukawa David Sancho Lord Alfred Remorin Robert McArdle and Ryan Flores. Predator pain and limitless when cybercrime turns into cyberspying. https:\/\/www.trendmicro.de\/cloud-content\/us\/pdfs\/security-intelligence\/white-papers\/wp-predator-pain-and-limitless.pdf 2014."},{"key":"e_1_3_2_2_29_1","volume-title":"Proceedings of the USENIX Security Symposium","author":"Melicher William","year":"2016","unstructured":"William Melicher, Blase Ur, Sean M Segreti, Saranga Komanduri, Lujo Bauer, Nicolas Christin, and Lorrie Faith Cranor. Fast, lean and accurate: modeling password guessability using neural networks. In Proceedings of the USENIX Security Symposium, 2016."},{"key":"e_1_3_2_2_30_1","volume-title":"Discovering phishing dropboxes using email metadata. In eCrime Researchers Summit","author":"Moore Tyler","year":"2012","unstructured":"Tyler Moore and Richard Clayton. Discovering phishing dropboxes using email metadata. In eCrime Researchers Summit, 2012."},{"key":"e_1_3_2_2_31_1","doi-asserted-by":"publisher","DOI":"10.1145\/2987443.2987475"},{"key":"e_1_3_2_2_32_1","volume-title":"Private security group says russia was behind John Podesta's email hack. https:\/\/www.nytimes.com\/2016\/10\/21\/us\/private-security-group-says-russia-was-behind-john-podestas-email-hack.html","author":"Perlroth Nicole","year":"2016","unstructured":"Nicole Perlroth and Michael D. Shear. Private security group says russia was behind John Podesta's email hack. https:\/\/www.nytimes.com\/2016\/10\/21\/us\/private-security-group-says-russia-was-behind-john-podestas-email-hack.html, 2016."},{"key":"e_1_3_2_2_33_1","doi-asserted-by":"publisher","DOI":"10.1145\/2556288.2557330"},{"key":"e_1_3_2_2_34_1","volume-title":"Proc. SOUPS","author":"Stobert Elizabeth","year":"2014","unstructured":"Elizabeth Stobert and Robert Biddle. The password life cycle: user behaviour in managing passwords. In Proc. SOUPS, 2014."},{"key":"e_1_3_2_2_35_1","doi-asserted-by":"publisher","DOI":"10.1145\/1653662.1653738"},{"key":"e_1_3_2_2_36_1","doi-asserted-by":"publisher","DOI":"10.1145\/2660267.2660282"},{"key":"e_1_3_2_2_37_1","volume-title":"Symposium on Usable Privacy and Security (SOUPS)","author":"Wash Rick","year":"2016","unstructured":"Rick Wash, Emilee Rader, Ruthie Berman, and Zac Wellmer. Understanding password choices: how frequently entered passwords are re-used across websites. In Symposium on Usable Privacy and Security (SOUPS), 2016."},{"key":"e_1_3_2_2_38_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2009.8"},{"key":"e_1_3_2_2_39_1","volume-title":"Alan Sprague, Ragib Hasan, Jason Britt, and Gary Warner. Phish-net: investigating phish clusters using drop email addresses. In eCrime Researchers Summit","author":"Zawoad Shams","year":"2013","unstructured":"Shams Zawoad, Amit Kumar Dutta, Alan Sprague, Ragib Hasan, Jason Britt, and Gary Warner. Phish-net: investigating phish clusters using drop email addresses. In eCrime Researchers Summit, 2013."},{"key":"e_1_3_2_2_40_1","volume-title":"Group posts e-mail hacked from Palin account -- update. https:\/\/www.wired.com\/2008\/09\/group-posts-e-m","author":"Zetter Kim","year":"2008","unstructured":"Kim Zetter. Group posts e-mail hacked from Palin account -- update. https:\/\/www.wired.com\/2008\/09\/group-posts-e-m, 2008.endthebibliography"}],"event":{"name":"CCS '17: 2017 ACM SIGSAC Conference on Computer and Communications Security","location":"Dallas Texas USA","acronym":"CCS '17","sponsor":["SIGSAC ACM Special Interest Group on Security, Audit, and Control"]},"container-title":["Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3133956.3134067","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3133956.3134067","content-type":"application\/pdf","content-version":"vor","intended-application":"syndication"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3133956.3134067","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T02:11:03Z","timestamp":1750212663000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3133956.3134067"}},"subtitle":["Understanding the Risks of Stolen Credentials"],"short-title":[],"issued":{"date-parts":[[2017,10,30]]},"references-count":40,"alternative-id":["10.1145\/3133956.3134067","10.1145\/3133956"],"URL":"https:\/\/doi.org\/10.1145\/3133956.3134067","relation":{},"subject":[],"published":{"date-parts":[[2017,10,30]]},"assertion":[{"value":"2017-10-30","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}