Why Phishing Works
SecurityFocus: Researchers at Harvard University and UC Berkeley have published a document explaining why phishing works on general users.
This paper provides the first empirical evidence about which malicious strategies are successful at deceiving general users. We first analyzed a large set of captured phishing attacks and developed a set of hypotheses about why these strategies might work. We then assessed these hypotheses with a usability study in which 22 participants were shown 20 web sites and asked to determine which ones were fraudulent. We found that 23% of the participants did not look at browser-based cues such as the address bar, status bar and the security indicators, leading to incorrect choices 40% of the time.
http://people.deas.harvard.edu/~rachna/papers/why_phishing_works.pdf
Source: Schneier on Security.