May 19, 2008 | Research
While good user education can hardly secure a system, we believe that poor user education can put it at serious risk. The current problem of online fraud is exasperated by the fact that most users make security decisions, such as whether to install a given piece of...May 31, 2007 | Research
We discuss the importance of understanding psychological aspects of phishing, and review some recent findings. Given these findings, we critique some commonly used security practices and suggest and review alternatives, including educational approaches. We suggest a...May 26, 2007 | Research
This study aimed to reveal a baseline level of phishing success, finding a success rate of 16% when phishing emails were sent from unknown senders, rising to a full 72% when phishing emails appeared to be from known senders. Jan 26, 2007 | Research
A paper on the factors that make phishing emails and web pages appear authentic and on the factors that make legitamate content appear dubious. Authors draw nine conclusions. Jan 15, 2007 | Research
We argue that phishing IQ tests fail to measure susceptibility to phishing attacks. We conducted a study where 40 subjects were asked to answer a selection of questions from existing phishing IQ tests in which we varied the portion (from 25% to 100%) of the questions...