Forum for Science, Industry and Business

Sponsored by:     3M 
Search our Site:

 

Carnegie Mellon researchers fight phishing attacks with phishing tactics

05.10.2007
Results will be presented this week at eCrime researchers summit

Early findings by Carnegie Mellon University researchers suggest that people who are suckered by a spoof email into visiting a counterfeit Web site are also people who are ready to learn their lesson about “phishing” attacks.

Phishing attacks have become a common method for stealing personal identification information, such as bank account numbers and passwords. Lorrie Cranor, associate research professor of computer science, said phishing often is successful because many people ignore educational materials that otherwise might help them recognize such frauds.

But in a laboratory study, the researchers fought “phire with phire” and found that when they sent their own spoof email to users and tricked them into visiting an educational Web site, those people tended to learn and retain more of the lesson about how to spot phishing sites.

Ponnurangam Kumaraguru, a graduate student in the School of Computer Science’s Institute for Software Research, will present the study results Friday, Oct. 5 at the Anti-Phishing Working Group’s (APWG) eCrime Researchers Summit in Pittsburgh. The summit, sponsored by the APWG and hosted by Carnegie Mellon CyLab, includes leading industrial and academic practitioners in the field of electronic crime research.

In the study, three groups of 14 volunteers participated in role-playing exercises in which they processed email, which included a mix of phishing, spam and legitimate email. Those in the “embedded training” group, who were given anti-phishing educational materials after they had fallen for a phishing email, spent more than twice as much time studying the materials than those who were presented the materials without first being tricked. Those who were presented the materials without being tricked were no better at identifying phishing emails than those who received no anti-phishing educational materials. A week later, when the exercise was repeated, those in the embedded training group were significantly more successful in identifying phishing emails than those in the other two groups — 64 percent of phishing emails identified by the embedded training group versus 7 percent identified by the other two groups.

Cranor, director of the Carnegie Mellon Usable Privacy and Security Lab, said additional testing will be necessary to confirm these results. But the initial findings suggest that using the tricks of phishers, perhaps in a controlled environment, might be a good first step in educating computer users to protect themselves.

In addition to Cranor and Kumaraguru, the study team included faculty members Jason Hong and Alessandro Acquisti and graduate students Yong Rhee, Steve Sheng and Sharique Hasan. Their paper is available at http://www.ecrimeresearch.org/2007/proceedings/p70_kumaraguru.pdf.

According to the latest trend report for June, APWG detected 31,709 phishing Web sites, a drop of 6,000 from May, and 146 brands were hijacked, a slight decrease from May. But the number of unique phishing reports was 28,888 in June, up by more than 5,000 over May. The vast majority of attacks were in the financial services sector.

Byron Spice | EurekAlert!
Further information:
http://www.cmu.edu
http://www.ecrimeresearch.org/2007/program.html

More articles from Information Technology:

nachricht NASA CubeSat to test miniaturized weather satellite technology
10.11.2017 | NASA/Goddard Space Flight Center

nachricht New approach uses light instead of robots to assemble electronic components
08.11.2017 | The Optical Society

All articles from Information Technology >>>

The most recent press releases about innovation >>>

Die letzten 5 Focus-News des innovations-reports im Überblick:

Im Focus: Nanoparticles help with malaria diagnosis – new rapid test in development

The WHO reports an estimated 429,000 malaria deaths each year. The disease mostly affects tropical and subtropical regions and in particular the African continent. The Fraunhofer Institute for Silicate Research ISC teamed up with the Fraunhofer Institute for Molecular Biology and Applied Ecology IME and the Institute of Tropical Medicine at the University of Tübingen for a new test method to detect malaria parasites in blood. The idea of the research project “NanoFRET” is to develop a highly sensitive and reliable rapid diagnostic test so that patient treatment can begin as early as possible.

Malaria is caused by parasites transmitted by mosquito bite. The most dangerous form of malaria is malaria tropica. Left untreated, it is fatal in most cases....

Im Focus: A “cosmic snake” reveals the structure of remote galaxies

The formation of stars in distant galaxies is still largely unexplored. For the first time, astron-omers at the University of Geneva have now been able to closely observe a star system six billion light-years away. In doing so, they are confirming earlier simulations made by the University of Zurich. One special effect is made possible by the multiple reflections of images that run through the cosmos like a snake.

Today, astronomers have a pretty accurate idea of how stars were formed in the recent cosmic past. But do these laws also apply to older galaxies? For around a...

Im Focus: Visual intelligence is not the same as IQ

Just because someone is smart and well-motivated doesn't mean he or she can learn the visual skills needed to excel at tasks like matching fingerprints, interpreting medical X-rays, keeping track of aircraft on radar displays or forensic face matching.

That is the implication of a new study which shows for the first time that there is a broad range of differences in people's visual ability and that these...

Im Focus: Novel Nano-CT device creates high-resolution 3D-X-rays of tiny velvet worm legs

Computer Tomography (CT) is a standard procedure in hospitals, but so far, the technology has not been suitable for imaging extremely small objects. In PNAS, a team from the Technical University of Munich (TUM) describes a Nano-CT device that creates three-dimensional x-ray images at resolutions up to 100 nanometers. The first test application: Together with colleagues from the University of Kassel and Helmholtz-Zentrum Geesthacht the researchers analyzed the locomotory system of a velvet worm.

During a CT analysis, the object under investigation is x-rayed and a detector measures the respective amount of radiation absorbed from various angles....

Im Focus: Researchers Develop Data Bus for Quantum Computer

The quantum world is fragile; error correction codes are needed to protect the information stored in a quantum object from the deteriorating effects of noise. Quantum physicists in Innsbruck have developed a protocol to pass quantum information between differently encoded building blocks of a future quantum computer, such as processors and memories. Scientists may use this protocol in the future to build a data bus for quantum computers. The researchers have published their work in the journal Nature Communications.

Future quantum computers will be able to solve problems where conventional computers fail today. We are still far away from any large-scale implementation,...

All Focus news of the innovation-report >>>

Anzeige

Anzeige

Event News

Ecology Across Borders: International conference brings together 1,500 ecologists

15.11.2017 | Event News

Road into laboratory: Users discuss biaxial fatigue-testing for car and truck wheel

15.11.2017 | Event News

#Berlin5GWeek: The right network for Industry 4.0

30.10.2017 | Event News

 
Latest News

Corporate coworking as a driver of innovation

22.11.2017 | Business and Finance

PPPL scientists deliver new high-resolution diagnostic to national laser facility

22.11.2017 | Physics and Astronomy

Quantum optics allows us to abandon expensive lasers in spectroscopy

22.11.2017 | Physics and Astronomy

VideoLinks
B2B-VideoLinks
More VideoLinks >>>