The InformationWeek -- Blogs
Welcome Guest. | Log In| Register | Membership Benefits

Digital Life

Topics:   Digital Life

  • Email this page E-mail this page
  • Print this page Print this page
  • Bookmark and Share
  • icon

Phony Phishing Fosters Less-Gullible Users


Posted by Richard Martin, Oct 2, 2007 05:42 PM

Later this week in Pittsburgh, the Anti-Phishing Working Group will hold its eCrime Researchers Summit. Among the presentations will be some findings from researchers at Carnegie Mellon University, who have used phishing tactics to educate unwary users about the dangers of phishing attacks. Got that?

In the CMU study, "three groups of 14 volunteers participated in role-playing exercises in which they processed e-mail" that included a mix of phishing, spam, and legitimate messages. One group received phishing e-mails that directed them to an educational site about not falling for phishing e-mails.

Not only did the members of the fooled group spend more than twice as much time studying the materials on the anti-phishing site, but they were much more successful at identifying phony e-mail going forward: A week later, when the exercise was repeated, those in the "embedded training" group idenfitied 64% of phishing e-mails as bogus, versus 7% spotted by the other two groups.

The findings, said Lorrie Cranor, associate research professor of computer science at Carnegie Mellon and director of the university's Usable Privacy and Security Lab, suggest that "using the tricks of phishers, perhaps in a controlled environment, might be a good first step in educating computer users to protect themselves."

In other words: Once phished, twice shy.

« Nick Carr's New Book: 'The Big Switch' | Main | Isn't It Time Apple And AT&T Opened The iPhone? »



Sign Up Now
For InformationWeek News Alerts




This is a public forum. United Business Media and its affiliates are not responsible for and do not control what is posted herein. United Business Media makes no warranties or guarantees concerning any advice dispensed by its staff members or readers.

Community standards in this comment area do not permit hate language, excessive profanity, or other patently offensive language. Please be aware that all information posted to this comment area becomes the property of United Business Media LLC and may be edited and republished in print or electronic format as outlined in United Business Media's Terms of Service.

Important Note: This comment area is NOT intended for commercial messages or solicitations of business.


 
Digital Life Video

 

  1. No Silver Bullet for Parallelism
  2. Think Parallel 2010, Five Years of Multicore
  3. It's All In the Strategy, It's All About the Design

Join The InformationWeek Group On LinkedIn


  1. Verizon Wireless Details Android 2.1 Update For Droid
  2. Why Microsoft Is The New Apple
  3. Flop Or Not, Nexus One Headed To AT&T
  4. No Copy And Paste For Windows Phone 7

  1. Viacom Secretly Uploaded Videos, YouTube Claims
  2. Windows Phone 7 Lacks Flash Support
  3. Ericsson In Talks To Buy LG Nortel Stake
  4. Google Calendar Now Finds Best Meeting Time
  5. Google, Intel, Sony Plan Android TV Platform
  6. Amazon Launches Kindle For Mac

 
  Ars Technica
Boing Boing
Channel 9 Forums
CRN Blogs
Dr.Dobb's Portal: Blogs
Engadget
Gizmodo
GrokLaw 		  Lifehacker
Schneier on Security
Slashdot
TechCrunch
Techdirt
Techmeme
Valleywag
  DECEMBER 2008
NOVEMBER 2008
OCTOBER 2008
SEPTEMBER 2008
AUGUST 2008
JULY 2008
JUNE 2008
MAY 2008 		  APRIL 2008
MARCH 2008
FEBRUARY 2008
JANUARY 2008
DECEMBER 2007
NOVEMBER 2007
OCTOBER 2007
SEPTEMBER 2007