{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,2,27]],"date-time":"2026-02-27T00:16:22Z","timestamp":1772151382447,"version":"3.50.1"},"publisher-location":"New York, NY, USA","reference-count":40,"publisher":"ACM","license":[{"start":{"date-parts":[[2019,10,21]],"date-time":"2019-10-21T00:00:00Z","timestamp":1571616000000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2019,10,21]]},"DOI":"10.1145\/3355369.3355600","type":"proceedings-article","created":{"date-parts":[[2019,10,18]],"date-time":"2019-10-18T12:57:15Z","timestamp":1571403435000},"page":"308-321","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":33,"title":["What You See is NOT What You Get"],"prefix":"10.1145","author":[{"given":"Phani","family":"Vadrevu","sequence":"first","affiliation":[{"name":"University of New Orleans, New Orleans, Louisiana, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Roberto","family":"Perdisci","sequence":"additional","affiliation":[{"name":"University of Georgia, Georgia Institute of Technology, Georgia, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"320","published-online":{"date-parts":[[2019,10,21]]},"reference":[{"key":"e_1_3_2_2_1_1","unstructured":"2019. AdSpyglass - Top Ad Networks List. https:\/\/www.adspyglass.com\/best-ad-networks?stream=2&countryid=487&typeid=2#best-networks.  2019. AdSpyglass - Top Ad Networks List. https:\/\/www.adspyglass.com\/best-ad-networks?stream=2&countryid=487&typeid=2#best-networks."},{"key":"e_1_3_2_2_2_1","unstructured":"2019. AdSterra - Push Notifications. https:\/\/blog.adsterra.com\/web-push-notifications-publishers-guide\/.  2019. AdSterra - Push Notifications. https:\/\/blog.adsterra.com\/web-push-notifications-publishers-guide\/."},{"key":"e_1_3_2_2_3_1","volume-title":"BloggersIdeas: List of 15 Best Pop-Under Ad Networks","year":"2018","unstructured":"2019. BloggersIdeas: List of 15 Best Pop-Under Ad Networks 2018 . https:\/\/web.archive.org\/web\/20180102104340\/http:\/\/www.bloggersideas.com:80\/best-pop-under-ad-networks\/. 2019. BloggersIdeas: List of 15 Best Pop-Under Ad Networks 2018. https:\/\/web.archive.org\/web\/20180102104340\/http:\/\/www.bloggersideas.com:80\/best-pop-under-ad-networks\/."},{"key":"e_1_3_2_2_4_1","unstructured":"2019. Chromium Blog: Under the hood - How Chrome's ad filtering works. https:\/\/web.archive.org\/web\/20180322060825\/https:\/\/blog.chromium.org\/2018\/02\/how-chromes-ad-filtering-works.html.  2019. Chromium Blog: Under the hood - How Chrome's ad filtering works. https:\/\/web.archive.org\/web\/20180322060825\/https:\/\/blog.chromium.org\/2018\/02\/how-chromes-ad-filtering-works.html."},{"key":"e_1_3_2_2_5_1","unstructured":"2019. Distil Networks - Bot Detection. https:\/\/www.distilnetworks.com\/block-bot-detection\/.  2019. Distil Networks - Bot Detection. https:\/\/www.distilnetworks.com\/block-bot-detection\/."},{"key":"e_1_3_2_2_6_1","unstructured":"2019. Earning Guys: 14 Best Pop-Under Ad Networks. https:\/\/web.archive.org\/web\/20180104191440\/https:\/\/www.earningguys.com\/advertisement\/best-pop-under-ad-network\/.  2019. Earning Guys: 14 Best Pop-Under Ad Networks. https:\/\/web.archive.org\/web\/20180104191440\/https:\/\/www.earningguys.com\/advertisement\/best-pop-under-ad-network\/."},{"key":"e_1_3_2_2_7_1","unstructured":"2019. Google Developers: Simulate Mobile Devices with Device Mode. https:\/\/developers.google.com\/web\/tools\/chrome-devtools\/device-mode\/.  2019. Google Developers: Simulate Mobile Devices with Device Mode. https:\/\/developers.google.com\/web\/tools\/chrome-devtools\/device-mode\/."},{"key":"e_1_3_2_2_8_1","unstructured":"2019. Google Security Blog: No More Deceptive Download Buttons. https:\/\/web.archive.org\/web\/20180605081413\/https:\/\/security.googleblog.com\/2016\/02\/no-more-deceptive-download-buttons.html.  2019. Google Security Blog: No More Deceptive Download Buttons. https:\/\/web.archive.org\/web\/20180605081413\/https:\/\/security.googleblog.com\/2016\/02\/no-more-deceptive-download-buttons.html."},{"key":"e_1_3_2_2_9_1","unstructured":"2019. Google Support: Where to place the ad code in your HTML. https:\/\/support.google.com\/adsense\/answer\/7477845.  2019. Google Support: Where to place the ad code in your HTML. https:\/\/support.google.com\/adsense\/answer\/7477845."},{"key":"e_1_3_2_2_10_1","unstructured":"2019. Green Bytes: Test Cases for HTTP Redirects. http:\/\/test.greenbytes.de\/tech\/tc\/httpredirects\/.  2019. Green Bytes: Test Cases for HTTP Redirects. http:\/\/test.greenbytes.de\/tech\/tc\/httpredirects\/."},{"key":"e_1_3_2_2_11_1","unstructured":"2019. Hacker Factor: Kind of Like That. https:\/\/web.archive.org\/web\/20180507130827\/http:\/\/www.hackerfactor.com\/blog\/index.php?\/archives\/529-Kind-of-Like-That.html.  2019. Hacker Factor: Kind of Like That. https:\/\/web.archive.org\/web\/20180507130827\/http:\/\/www.hackerfactor.com\/blog\/index.php?\/archives\/529-Kind-of-Like-That.html."},{"key":"e_1_3_2_2_12_1","unstructured":"2019. Malware Fixes: TheGameSearcher unwanted software. https:\/\/malwarefixes.com\/remove-thegamesearcher-google-chrome\/.  2019. Malware Fixes: TheGameSearcher unwanted software. https:\/\/malwarefixes.com\/remove-thegamesearcher-google-chrome\/."},{"key":"e_1_3_2_2_13_1","unstructured":"2019. Online Threat Alerts: Grovelfun reviews. https:\/\/www.onlinethreatalerts.com\/article\/2017\/3\/1\/beware-of-www-grovelfun-com-it-is-a-fraudulent-website\/.  2019. Online Threat Alerts: Grovelfun reviews. https:\/\/www.onlinethreatalerts.com\/article\/2017\/3\/1\/beware-of-www-grovelfun-com-it-is-a-fraudulent-website\/."},{"key":"e_1_3_2_2_14_1","unstructured":"2019. ScamGuard: Funwraith reviews. https:\/\/www.scamguard.com\/funwraithcom\/.  2019. ScamGuard: Funwraith reviews. https:\/\/www.scamguard.com\/funwraithcom\/."},{"key":"e_1_3_2_2_15_1","unstructured":"2019. Selenium - Web Browser Automation. https:\/\/www.seleniumhq.org\/.  2019. Selenium - Web Browser Automation. https:\/\/www.seleniumhq.org\/."},{"key":"e_1_3_2_2_16_1","unstructured":"2019. Symantec WebPulse. https:\/\/sitereview.bluecoat.com\/.  2019. Symantec WebPulse. https:\/\/sitereview.bluecoat.com\/."},{"key":"e_1_3_2_2_17_1","unstructured":"2019. thebot.net - forums. https:\/\/thebot.net\/threads\/300-bounty-selenium-detection-help.375708\/.  2019. thebot.net - forums. https:\/\/thebot.net\/threads\/300-bounty-selenium-detection-help.375708\/."},{"key":"e_1_3_2_2_18_1","unstructured":"2019. Trustpilot: Gnomicfun reviews. https:\/\/www.trustpilot.com\/review\/gnomicfun.com.  2019. Trustpilot: Gnomicfun reviews. https:\/\/www.trustpilot.com\/review\/gnomicfun.com."},{"key":"e_1_3_2_2_19_1","unstructured":"2019. Trustpilot: Playperks reviews. https:\/\/www.trustpilot.com\/review\/playperks.net.  2019. Trustpilot: Playperks reviews. https:\/\/www.trustpilot.com\/review\/playperks.net."},{"key":"e_1_3_2_2_20_1","unstructured":"2019. W3C: Meta Refresh. https:\/\/www.w3.org\/TR\/2011\/WD-html5-author-20110809\/the-meta-element.html.  2019. W3C: Meta Refresh. https:\/\/www.w3.org\/TR\/2011\/WD-html5-author-20110809\/the-meta-element.html."},{"key":"e_1_3_2_2_21_1","unstructured":"2019. W3C: Referrer Policies. https:\/\/www.w3.org\/TR\/referrer-policy\/.  2019. W3C: Referrer Policies. https:\/\/www.w3.org\/TR\/referrer-policy\/."},{"key":"e_1_3_2_2_22_1","volume-title":"Tracing Information Flows Between Ad Exchanges Using Retargeted Ads. In 25th USENIX Security Symposium, USENIX Security 16","author":"Bashir Muhammad Ahmad","year":"2016","unstructured":"Muhammad Ahmad Bashir , Sajjad Arshad , William K. Robertson , and Christo Wilson . 2016 . Tracing Information Flows Between Ad Exchanges Using Retargeted Ads. In 25th USENIX Security Symposium, USENIX Security 16 , Austin, TX, USA, August 10--12 , 2016. 481--496. Muhammad Ahmad Bashir, Sajjad Arshad, William K. Robertson, and Christo Wilson. 2016. Tracing Information Flows Between Ad Exchanges Using Retargeted Ads. In 25th USENIX Security Symposium, USENIX Security 16, Austin, TX, USA, August 10--12, 2016. 481--496."},{"key":"e_1_3_2_2_23_1","doi-asserted-by":"publisher","DOI":"10.1177\/154193129804200504"},{"key":"e_1_3_2_2_24_1","volume-title":"Surveylance: Automatically Detecting Online Survey Scams. In 2018 IEEE Symposium on Security and Privacy, SP 2018, Proceedings, 21--23","author":"Kharraz Amin","year":"2018","unstructured":"Amin Kharraz , William K. Robertson , and Engin Kirda . 2018 . Surveylance: Automatically Detecting Online Survey Scams. In 2018 IEEE Symposium on Security and Privacy, SP 2018, Proceedings, 21--23 May 2018, San Francisco, California, USA. 70--86. Amin Kharraz, William K. Robertson, and Engin Kirda. 2018. Surveylance: Automatically Detecting Online Survey Scams. In 2018 IEEE Symposium on Security and Privacy, SP 2018, Proceedings, 21--23 May 2018, San Francisco, California, USA. 70--86."},{"key":"e_1_3_2_2_25_1","volume-title":"WarningBird: Detecting Suspicious URLs in Twitter Stream. In 19th Annual Network and Distributed System Security Symposium, NDSS 2012","author":"Lee Sangho","year":"2012","unstructured":"Sangho Lee and Jong Kim . 2012 . WarningBird: Detecting Suspicious URLs in Twitter Stream. In 19th Annual Network and Distributed System Security Symposium, NDSS 2012 , San Diego, California, USA, February 5--8 , 2012. Sangho Lee and Jong Kim. 2012. WarningBird: Detecting Suspicious URLs in Twitter Stream. In 19th Annual Network and Distributed System Security Symposium, NDSS 2012, San Diego, California, USA, February 5--8, 2012."},{"key":"e_1_3_2_2_26_1","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2018.23319"},{"key":"e_1_3_2_2_27_1","volume-title":"Proceedings of the 2013 IEEE Symposium on Security and Privacy (SP '13)","author":"Li Zhou","year":"2013","unstructured":"Zhou Li , Sumayah Alrwais , Yinglian Xie , Fang Yu , and XiaoFeng Wang . 2013 . Finding the Linchpins of the Dark Web: A Study on Topologically Dedicated Hosts on Malicious Web Infrastructures . In Proceedings of the 2013 IEEE Symposium on Security and Privacy (SP '13) . IEEE Computer Society, Washington, DC, USA, 112--126. https:\/\/doi.org\/10.1109\/SP. 2013.18 10.1109\/SP.2013.18 Zhou Li, Sumayah Alrwais, Yinglian Xie, Fang Yu, and XiaoFeng Wang. 2013. Finding the Linchpins of the Dark Web: A Study on Topologically Dedicated Hosts on Malicious Web Infrastructures. In Proceedings of the 2013 IEEE Symposium on Security and Privacy (SP '13). IEEE Computer Society, Washington, DC, USA, 112--126. https:\/\/doi.org\/10.1109\/SP.2013.18"},{"key":"e_1_3_2_2_28_1","doi-asserted-by":"publisher","DOI":"10.1145\/2382196.2382267"},{"key":"e_1_3_2_2_29_1","doi-asserted-by":"publisher","DOI":"10.1145\/2046707.2046762"},{"key":"e_1_3_2_2_30_1","volume-title":"Dial One for Scam: A Large-Scale Analysis of Technical Support Scams. In 24th Annual Network and Distributed System Security Symposium, NDSS 2017","author":"Miramirkhani Najmeh","year":"2017","unstructured":"Najmeh Miramirkhani , Oleksii Starov , and Nick Nikiforakis . 2017 . Dial One for Scam: A Large-Scale Analysis of Technical Support Scams. In 24th Annual Network and Distributed System Security Symposium, NDSS 2017 , San Diego, California, USA, February 26 - March 1, 2017. Najmeh Miramirkhani, Oleksii Starov, and Nick Nikiforakis. 2017. Dial One for Scam: A Large-Scale Analysis of Technical Support Scams. In 24th Annual Network and Distributed System Security Symposium, NDSS 2017, San Diego, California, USA, February 26 - March 1, 2017."},{"key":"e_1_3_2_2_31_1","volume-title":"Towards Measuring and Mitigating Social Engineering Software Download Attacks. In 25th USENIX Security Symposium, USENIX Security 16","author":"Nelms Terry","year":"2016","unstructured":"Terry Nelms , Roberto Perdisci , Manos Antonakakis , and Mustaque Ahamad . 2016 . Towards Measuring and Mitigating Social Engineering Software Download Attacks. In 25th USENIX Security Symposium, USENIX Security 16 , Austin, TX, USA, August 10--12 , 2016. 773--789. https:\/\/www.usenix.org\/conference\/usenixsecurity16\/technical-sessions\/presentation\/nelms Terry Nelms, Roberto Perdisci, Manos Antonakakis, and Mustaque Ahamad. 2016. Towards Measuring and Mitigating Social Engineering Software Download Attacks. In 25th USENIX Security Symposium, USENIX Security 16, Austin, TX, USA, August 10--12, 2016. 773--789. https:\/\/www.usenix.org\/conference\/usenixsecurity16\/technical-sessions\/presentation\/nelms"},{"key":"e_1_3_2_2_32_1","doi-asserted-by":"publisher","DOI":"10.1145\/2566486.2567983"},{"key":"e_1_3_2_2_33_1","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2016.23030"},{"key":"e_1_3_2_2_34_1","doi-asserted-by":"publisher","DOI":"10.1145\/3178876.3186098"},{"key":"e_1_3_2_2_35_1","doi-asserted-by":"publisher","DOI":"10.1145\/3178876.3186089"},{"key":"e_1_3_2_2_36_1","doi-asserted-by":"publisher","DOI":"10.1145\/2068816.2068843"},{"key":"e_1_3_2_2_37_1","doi-asserted-by":"publisher","DOI":"10.1145\/2508859.2516682"},{"key":"e_1_3_2_2_38_1","volume-title":"Parking Sensors: Analyzing and Detecting Parked Domains. In 22nd Annual Network and Distributed System Security Symposium, NDSS 2015","author":"Vissers Thomas","year":"2015","unstructured":"Thomas Vissers , Wouter Joosen , and Nick Nikiforakis . 2015 . Parking Sensors: Analyzing and Detecting Parked Domains. In 22nd Annual Network and Distributed System Security Symposium, NDSS 2015 , San Diego, California, USA, February 8--11 , 2015. Thomas Vissers, Wouter Joosen, and Nick Nikiforakis. 2015. Parking Sensors: Analyzing and Detecting Parked Domains. In 22nd Annual Network and Distributed System Security Symposium, NDSS 2015, San Diego, California, USA, February 8--11, 2015."},{"key":"e_1_3_2_2_39_1","doi-asserted-by":"publisher","DOI":"10.1145\/3278532.3278550"},{"key":"e_1_3_2_2_40_1","doi-asserted-by":"publisher","DOI":"10.1145\/2663716.2663719"}],"event":{"name":"IMC '19: ACM Internet Measurement Conference","location":"Amsterdam Netherlands","acronym":"IMC '19","sponsor":["SIGMETRICS ACM Special Interest Group on Measurement and Evaluation","SIGCOMM ACM Special Interest Group on Data Communication"]},"container-title":["Proceedings of the Internet Measurement Conference"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3355369.3355600","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3355369.3355600","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,17]],"date-time":"2025-06-17T23:23:33Z","timestamp":1750202613000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3355369.3355600"}},"subtitle":["Discovering and Tracking Social Engineering Attack Campaigns"],"short-title":[],"issued":{"date-parts":[[2019,10,21]]},"references-count":40,"alternative-id":["10.1145\/3355369.3355600","10.1145\/3355369"],"URL":"https:\/\/doi.org\/10.1145\/3355369.3355600","relation":{},"subject":[],"published":{"date-parts":[[2019,10,21]]},"assertion":[{"value":"2019-10-21","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}