While good user education can hardly secure a system, we believe that poor user education can put it at serious risk. The current problem of online fraud is exasperated by the fact that most users make security decisions, such as whether to install a given piece of...
We discuss the importance of understanding psychological aspects of phishing, and review some recent findings. Given these findings, we critique some commonly used security practices and suggest and review alternatives, including educational approaches. We suggest a...
This study aimed to reveal a baseline level of phishing success, finding a success rate of 16% when phishing emails were sent from unknown senders, rising to a full 72% when phishing emails appeared to be from known senders.
A paper on the factors that make phishing emails and web pages appear authentic and on the factors that make legitamate content appear dubious. Authors draw nine conclusions.
We argue that phishing IQ tests fail to measure susceptibility to phishing attacks. We conducted a study where 40 subjects were asked to answer a selection of questions from existing phishing IQ tests in which we varied the portion (from 25% to 100%) of the questions...
This study is a large scale investigation of trust manipulation tactics used by phishing web sites and email messages. The experiment focuses on media authenticity evaluations, rather than content credibility with the assumption that its authors are known. It tests...
Stay up to date
Sign up to our newsletter for the latest news, views and insights.
