Sciweavers

ITICSE
2006
ACM

Don't be a phish: steps in user education

14 years 5 months ago
Don't be a phish: steps in user education
Phishing, e-mails sent out by hackers to lure unsuspecting victims into giving up confidential information, has been the cause of countless security breaches and has experienced in the last year an increase in frequency and diversity. While regular phishing attacks are easily thwarted, designing the attack to include user context information could potentially increase the user’s vulnerability. To prevent this, phishing education needs to be considered. In this paper we provide an overview of phishing education, focusing on context aware attacks and introduce a new strategy for educating users by combining phishing IQ tests and class discussions. The technique encompasses displaying both legitimate and fraudulent e-mails to users and having them identify the phishing attempts from the authentic e-mails. Proper implementation of this system helps teach users what to look for in e-mails, and how to protect their confidential information from being caught in the nets of phishers. The st...
Stefan A. Robila, James W. Ragucci
Added 14 Jun 2010
Updated 14 Jun 2010
Type Conference
Year 2006
Where ITICSE
Authors Stefan A. Robila, James W. Ragucci
Comments (0)