Jason I. Hong
Carnegie Mellon University
Everyday Privacy and Security Problem
This entire process is known as phishing
Phishing is a Plague on the Internet
• Human side
– Interviews to understand decision-making
– PhishGuru embedded training
– Anti-Phishing Phil game
– Understanding effectiveness of browser warnings
• Computer side
– PILFER email anti-phishing filter
– CANTINA web anti-phishing algorithm
“I will probably give them the information that they asked for. And I would assume that I had already given them that information at some point, so I will feel comfortable giving it to them again.”
Summary of Findings
http://www.amazon.com/exec/obidos/sign-in.html
Intervention #1 – Diagram
– Explains what a phishing scam is
– Explains how to identify a phishing scam
– Explains simple things you can do to protect yourself
Intervention #2 – Comic Strip
Embedded Training Evaluation #1
• New questions:
– Do people have to fall for the phishing email for the training to be effective?
– How well do people retain the knowledge?
[Chart: mean correctness (y-axis 0.30–1.00); bars at 0.68 and 0.64]
• Goals
– How to parse URLs
– Where to look for URLs
– Use search engines for help
• Three conditions:
– Web-based phishing education
– Printed tutorial of our materials
– Anti-Phishing Phil
• “Shopping Study”
– Set up fake phishing pages and added them to blacklists
– Users were phished after making purchases
– Used real email accounts and personal information
– Spoofed eBay and Amazon (2 phish per user)
– We observed how they interacted with the warnings
How Effective are these Warnings?
Improving Phishing Indicators
[Chart 1: detection rate (y-axis 0%–70%) over time (x-axis 0, 1, 2, 12, 24) for SpoofGuard, EarthLink, Netcraft, Google, IE7, Cloudmark, TrustWatch, eBay, Netscape, McAfee]
[Chart 2: detection rate (y-axis 0%–90%) over time (x-axis 0, 1, 2, 12, 24) for SpoofGuard, EarthLink, Netcraft, Firefox w/Google, IE7, Cloudmark, TrustWatch, eBay, Netscape, CallingID, Firefox]
• Can we do better?
– Can we use search engines to help find phish?
[Figure: fake vs. real page]
How CANTINA Works
[Chart: counts (y-axis 0–90) by our label (Yes / No); partial axis caption "on a link"]