Universities study why phishing works

Universities study why phishing works
Kelly Martin, 2006-03-31

Expand all | Post comment

Universities study why phishing works 2006-04-02
TJ (1 replies)

Actually, they got the high-hanging fruit, too. 2006-04-05
Roger (1 replies)

Re: Actually, they got the high-hanging fruit, too. 2006-04-07
TJ (1 replies)

Re: Re: Actually, they got the high-hanging fruit, too. 2006-04-10
Roger (1 replies)

Re: Re: Re: Actually, they got the high-hanging fruit, too. 2006-06-08
Gaz

Universities study why phishing works 2006-04-05
Anonymous (1 replies)

Wrong 2006-04-07
Anonymous (1 replies)

Another idiot^W reader who didn't bother to read the actual paper. It turns out that you DON'T need to be n00b and stupid, the latest phishing efforts are so slick they fool even very smart users (people who understand how to parse X.509 certs and do whois searches) who have just been warned that there is a ~50% chance the site they are looking at is faked. Under those circumstances, even the MOST sophisticated users were fooled THIRTY PERCENT of the time.

The current total system -- security infrastructure, web site design and business rules, browser interfaces -- is just not up to the job. It is not ready for internet commerce, and if you think phishing is only for fools and you're too smart for the bad guys, you will probably be their next victim.

[ reply ]

Link to this comment: http://www.securityfocus.com/comments/newsbriefs/176/867#867

No need for this 2006-04-07
TJ (1 replies)

Re: No need for this 2006-04-10
Anonymous (1 replies)

Re: Re: No need for this 2006-06-08
Gaz

Universities study why phishing works 2006-06-08
BillB