How Hard Can It Be to Measure Phishing?
Source: Harvard University
Measuring cybercrime might be thought to be easy; if only the criminals and victims would cooperate and provide the data. This short paper explains, by reference to 'phishing' criminality, how even when a great deal of data is available it is far from clear quite what should be measured. Examples show that various groups have, to their own advantage, selectively chosen what they will measure and that failures to fully understand the data collection process can lead to significant bias and the drawing of entirely misleading conclusions.