Security

A Profitless Endeavor: Phishing as Tragedy of the Commons

Download Now Free registration required

Executive Summary

Conventional wisdom is that phishing represents easy money. This paper examines the economics that underly the phenomenon, and very different picture. Phishing is a classic example of tragedy of commons, where there is open access to a resource that has limited ability to regenerate. Since each phisher in dependently seeks to maximize his return, the resource is over-grazed and yields far less than it is capable of. The situation stabilizes only when the average phisher is making only as much as one gives up in opportunity cost. Phishing appears to be a low-skill low-reward business. The enormous amount of phishing activity is evidence of its failure to deliver riches rather than its success, as phishers send more and more email hoping for their share of the bounty that eludes them.

  • Format: PDF
  • Size: 167.6 KB