Sciweavers

SOUPS
2006
ACM

Web wallet: preventing phishing attacks by revealing user intentions

14 years 5 months ago
Web wallet: preventing phishing attacks by revealing user intentions
We introduce a new anti-phishing solution, the Web Wallet. The Web Wallet is a browser sidebar which users can use to submit their sensitive information online. It detects phishing attacks by determining where users intend to submit their information and suggests an alternative safe path to their intended site if the current site does not match it. It integrates security questions into the user’s workflow so that its protection cannot be ignored by the user. We conducted a user study on the Web Wallet prototype and found that the Web Wallet is a promising approach. In the study, it significantly decreased the spoof rate of typical phishing attacks from 63% to 7%, and it effectively prevented all phishing attacks as long as it was used. A majority of the subjects successfully learned to depend on the Web Wallet to submit their login information. However, the study also found that spoofing the Web Wallet interface itself was an effective attack. Moreover, it was not easy to completely...
Min Wu, Robert C. Miller, Greg Little
Added 14 Jun 2010
Updated 14 Jun 2010
Type Conference
Year 2006
Where SOUPS
Authors Min Wu, Robert C. Miller, Greg Little
Comments (0)