igotspam

Why Phishing Works

Filed in archive on April 5, 2006

SecurityFocus: Researchers at Harvard University and UC Berkeley have published a document explaining why phishing works on general users.

This paper provides the first empirical evidence about which malicious strategies are successful at deceiving general users. We first analyzed a large set of captured phishing attacks and developed a set of hypotheses about why these strategies might work. We then assessed these hypotheses with a usability study in which 22 participants were shown 20 web sites and asked to determine which ones were fraudulent. We found that 23% of the participants did not look at browser-based cues such as the address bar, status bar and the security indicators, leading to incorrect choices 40% of the time.

http://people.deas.harvard.edu/~rachna/papers/why_phishing_works.pdf

source Schneier on Security.

Related Entries:

« Anti-Spyware Coalitition ... | Main | SPAM-o-meter »

Permalink: Why Phishing Works

Tags: phishing spam

Vote for Why Phishing Works:

Currently 8.00/10
1
2
3
4
5
6
7
8
9
10

Rating: 8.00 out of 3 vote(s) cast.

Add your response to Why Phishing Works:

Name: *

Email: (will never be shown)*

URL:

(* marked fields are required)

Notify me if more comments appear?

Subscribe to I got Spam?! newsletter? (Newsletters are sent out weekly).

Remember me

Security Code: *
(Please help us to sort out spam.)

Please enter your comment here: (Sorry, no HTML is allowed - URLs will be made clickable automatically if you add http:// to your URL.)

We welcome your comments, however all comments are moderated. Offensive or off-topic comments will be deleted and not displayed.

Share It

Tagcloud

All contents are protected by copyright. | Terms of Use | Privacy Policy | Contact Us