Search: Home Bugtraq Vulnerabilities Mailing Lists Jobs Tools Beta Programs
Universities study why phishing works
Kelly Martin, 2006-03-31
Comments Mode:
Universities study why phishing works 2006-04-02
TJ (1 replies)
Technology can only help so much! The real problem is the true lack of critical thinking skills by the general population. The message: don't be the low hanging fruit that the phishers (bad guys) go after....

[ more ]  [ reply ]
Actually, they got the high-hanging fruit, too. 2006-04-05
Roger (1 replies)
I think you need to read the paper more carefully. It wasn't just the "low hanging fruit" get taken, the researchers found that there was very little difference in vulnerability between the second least sophisticated category and most sophisticated category of users. Alarmingly, even "Type 5 users" ...

[ more ]  [ reply ]
Re: Actually, they got the high-hanging fruit, too. 2006-04-07
TJ (1 replies)
By no means am I infallible, but I have yet to be fooled by a phishing attempt. It's not how smart you are, it's your critical thinking skills, which as I've stated, is greatly lacking, even those who consider themselves intelligent!...

[ more ]  [ reply ]
Re: Re: Actually, they got the high-hanging fruit, too. 2006-04-10
Roger (1 replies)
> It's not how smart you are, it's your critical thinking skills,

While critical thinking is important and admirable, I can't agree that this is the core of the problem. The core of the problem is that internet banking was foisted on us by banks to shave a few more pennies from their costs by sac...

[ more ]  [ reply ]
Re: Re: Re: Actually, they got the high-hanging fruit, too. 2006-06-08
Gaz
Just wanted to agree that if the effort needed is too great, then the experience is deemed 'not worth it'. One can only get so far by clarifying the warnings to the uninitiated. If it gets too much folk either stop using the Net for financial transactions, or they blank it all out and (get their b...

[ more ]  [ reply ]
Universities study why phishing works 2006-04-05
Anonymous (1 replies)
you have to be so n00b and stupid if you put your information in a scam webpage......

[ more ]  [ reply ]
Wrong 2006-04-07
Anonymous (1 replies)
Another idiot^W reader who didn't bother to read the actual paper. It turns out that you DON'T need to be n00b and stupid, the latest phishing efforts are so slick they fool even very smart users (people who understand how to parse X.509 certs and do whois searches) who have just been warned that th...

[ more ]  [ reply ]
No need for this 2006-04-07
TJ (1 replies)
"Another idiot^W reader who didn't bother to read the actual paper."

There is no need to make personal attacks. By doing so, you eliminate yourself from the discussion....

[ more ]  [ reply ]
Re: No need for this 2006-04-10
Anonymous (1 replies)
You're right, and I apologise.

But I should point out that the poster to whom I was replying was also flinging insults, claiming that people who get tricked by phishers ("tricked", in this case, meaning "being the victim of a serious crime that may completely destroy your livelihood") are "n00b a...

[ more ]  [ reply ]
Re: Re: No need for this 2006-06-08
Gaz
Not at all, it's the sort of error we are all subject to, when spotting a troll, since we are only human. :-)...

[ more ]  [ reply ]
Universities study why phishing works 2006-06-08
BillB
This problem is largely behaviorial. The only immediate way I can see to prevent capturing sensitive data is to always attempt to log into such sites purposely using bad credentials. If the site lets you in, then it's likely bogus. Of course, it would be tough to get people to adhere to this....

[ more ]  [ reply ]




 

Privacy Statement
Copyright 2009, SecurityFocus