This document describes the design and evaluation of an online game called "Anti-Phishing Phil" that teaches users how to identify phishing attacks. The game was designed based on learning science principles and tested in a user study where participants identified fraudulent websites before and after training. The study found that participants who played the game performed better at identifying phishing sites than those who read an anti-phishing tutorial or existing online materials, showing that games can be an effective way to educate people about security threats.
Credential Harvesting Using Man in the Middle Attack via Social Engineeringijtsrd
With growing internet users threat landscape is also increasing widely. Even following standard security policies and using multiple security layers will not keep users safe unless they are well aware of the emerging cyber threats and the risks involved. Humans are the weakest link in the security system as they possess emotions that can be exploited with minimum reconnaissance. social engineering is a type of cyber attack where it exploits human behavior or emotions to collect sensitive information such as username, password, personal details, etc. This paper proposes a system that helps end users to understand that even using security mechanisms such as two factor authentication can be useless when the user is not aware of basic security elements and make internet users aware of cyber threats and the risk involved. Sudhakar P | Dr. Uma Rani Chellapandy "Credential Harvesting Using Man in the Middle Attack via Social Engineering" Published in International Journal of Trend in Scientific Research and Development (ijtsrd), ISSN: 2456-6470, Volume-6 | Issue-3 , April 2022, URL: https://www.ijtsrd.com/papers/ijtsrd49629.pdf Paper URL: https://www.ijtsrd.com/computer-science/computer-security/49629/credential-harvesting-using-man-in-the-middle-attack-via-social-engineering/sudhakar-p
The document summarizes a study that examined perceived risk and self-efficacy regarding internet security in a marginalized community. 44 participants were interviewed about their perceptions of risk and self-efficacy when using the internet. They were shown examples of safe and malicious websites. While participants were aware of security risks, they had low self-efficacy and saw themselves as vulnerable. They were introduced to PopJART security software but low self-efficacy and perceived barriers prevented adoption, even though they had confidence in its accuracy. The study found that increasing self-efficacy may be more important than communicating risk when designing security services for low-proficiency users.
All About Phishing Exploring User Research Through A Systematic Literature R...Gina Rizzo
This document summarizes a systematic literature review of 51 academic papers that studied users and phishing attacks. The review found that while over 367 papers were published on phishing starting in 2004 in the ACM Digital Library, only 13.9% (51 papers) included user studies using methods like interviews, surveys, or lab studies. Within these 51 papers, there was a lack of reporting important methodological details like participant numbers and characteristics. The review also noted potential recruitment biases in some of the studies. The document provides background on common phishing techniques and debates the importance of understanding users to prevent successful phishing attacks.
A Systematic Literature Review on Phishing and Anti-Phishing Techniques.pdfKatie Naple
This document summarizes a literature review on phishing and anti-phishing techniques. It identifies various types of phishing techniques discussed in the literature, with spear phishing, email spoofing, email manipulation, and phone phishing being the most commonly discussed. It also identifies machine learning approaches as the most effective anti-phishing technique discussed, having the highest accuracy in detecting and preventing phishing attacks. The review was conducted following a systematic literature review process, analyzing 20 papers selected from an initial pool of 80 papers based on inclusion/exclusion criteria.
This document summarizes 12 sources on topics related to cybersecurity threats such as spam, phishing, ransomware, and malware detection techniques. The sources discuss using machine learning algorithms and heuristic approaches to detect spam accounts, phishing websites, and ransomware variants. Some propose new techniques like using Twitter data and mobile messages to detect spam or combining feature selection with metaheuristic algorithms to identify phishing sites. Others analyze hyperlinks or topic distributions to identify phishing attacks or classify anti-phishing solutions. The document also mentions the rise of ransomware attacks and techniques used in related studies.
PHISHING DETECTION IN IMS USING DOMAIN ONTOLOGY AND CBA – AN INNOVATIVE RULE ...ijistjournal
User ignorance towards the use of communication services like Instant Messengers, emails, websites, social networks etc. is becoming the biggest advantage for phishers. It is required to create technical awareness in users by educating them to create a phishing detection application which would generate phishing alerts for the user so that phishing messages are not ignored. The lack of basic security features to detect and prevent phishing has had a profound effect on the IM clients, as they lose their faith in e-banking and e-commerce transactions, which will have a disastrous impact on the corporate and banking sectors and businesses which rely heavily on the internet. Very little research contributions were available in for phishing detection in Instant messengers. A context based, dynamic and intelligent phishing detection methodology in IMs is proposed, to analyze and detect phishing in Instant Messages with relevance to domain ontology (OBIE) and utilizes the Classification based on Association (CBA) for generating phishing rules and alerting the victims. A PDS Monitoring system algorithm is used to identify the phishing activity during exchange of messages in IMs, with high ratio of precision and recall. The results have shown improvement by the increased percentage of precision and recall when compared to the existing methods.
IRJET- Honeywords: A New Approach for Enhancing SecurityIRJET Journal
This document summarizes a research paper on honeywords, a new approach for enhancing password security. Honeywords involve storing fake passwords (honeywords) along with the real password for each user account. If an attacker tries to login with a honeyword, it triggers an alarm. The document outlines the proposed system, which generates a unique honey index for each account during registration. It stores the hash of the real password along with the correct honey index. If an attacker enters an incorrect password after 3 attempts, the account is blocked. The system creates honeywords after successful login. It also discusses related work and concludes that honeywords make password cracking detectable and more difficult.
How to Make People Click on a Dangerous Link Despite their Security Awareness mark-smith
It is possible to make virtually any person click on a link, as any person will be curious about something, or interested in some topic, or find the message plausible because they know the sender, or because it fits their expectations (context).
Credential Harvesting Using Man in the Middle Attack via Social Engineeringijtsrd
With growing internet users threat landscape is also increasing widely. Even following standard security policies and using multiple security layers will not keep users safe unless they are well aware of the emerging cyber threats and the risks involved. Humans are the weakest link in the security system as they possess emotions that can be exploited with minimum reconnaissance. social engineering is a type of cyber attack where it exploits human behavior or emotions to collect sensitive information such as username, password, personal details, etc. This paper proposes a system that helps end users to understand that even using security mechanisms such as two factor authentication can be useless when the user is not aware of basic security elements and make internet users aware of cyber threats and the risk involved. Sudhakar P | Dr. Uma Rani Chellapandy "Credential Harvesting Using Man in the Middle Attack via Social Engineering" Published in International Journal of Trend in Scientific Research and Development (ijtsrd), ISSN: 2456-6470, Volume-6 | Issue-3 , April 2022, URL: https://www.ijtsrd.com/papers/ijtsrd49629.pdf Paper URL: https://www.ijtsrd.com/computer-science/computer-security/49629/credential-harvesting-using-man-in-the-middle-attack-via-social-engineering/sudhakar-p
The document summarizes a study that examined perceived risk and self-efficacy regarding internet security in a marginalized community. 44 participants were interviewed about their perceptions of risk and self-efficacy when using the internet. They were shown examples of safe and malicious websites. While participants were aware of security risks, they had low self-efficacy and saw themselves as vulnerable. They were introduced to PopJART security software but low self-efficacy and perceived barriers prevented adoption, even though they had confidence in its accuracy. The study found that increasing self-efficacy may be more important than communicating risk when designing security services for low-proficiency users.
All About Phishing Exploring User Research Through A Systematic Literature R...Gina Rizzo
This document summarizes a systematic literature review of 51 academic papers that studied users and phishing attacks. The review found that while over 367 papers were published on phishing starting in 2004 in the ACM Digital Library, only 13.9% (51 papers) included user studies using methods like interviews, surveys, or lab studies. Within these 51 papers, there was a lack of reporting important methodological details like participant numbers and characteristics. The review also noted potential recruitment biases in some of the studies. The document provides background on common phishing techniques and debates the importance of understanding users to prevent successful phishing attacks.
A Systematic Literature Review on Phishing and Anti-Phishing Techniques.pdfKatie Naple
This document summarizes a literature review on phishing and anti-phishing techniques. It identifies various types of phishing techniques discussed in the literature, with spear phishing, email spoofing, email manipulation, and phone phishing being the most commonly discussed. It also identifies machine learning approaches as the most effective anti-phishing technique discussed, having the highest accuracy in detecting and preventing phishing attacks. The review was conducted following a systematic literature review process, analyzing 20 papers selected from an initial pool of 80 papers based on inclusion/exclusion criteria.
This document summarizes 12 sources on topics related to cybersecurity threats such as spam, phishing, ransomware, and malware detection techniques. The sources discuss using machine learning algorithms and heuristic approaches to detect spam accounts, phishing websites, and ransomware variants. Some propose new techniques like using Twitter data and mobile messages to detect spam or combining feature selection with metaheuristic algorithms to identify phishing sites. Others analyze hyperlinks or topic distributions to identify phishing attacks or classify anti-phishing solutions. The document also mentions the rise of ransomware attacks and techniques used in related studies.
PHISHING DETECTION IN IMS USING DOMAIN ONTOLOGY AND CBA – AN INNOVATIVE RULE ...ijistjournal
User ignorance towards the use of communication services like Instant Messengers, emails, websites, social networks etc. is becoming the biggest advantage for phishers. It is required to create technical awareness in users by educating them to create a phishing detection application which would generate phishing alerts for the user so that phishing messages are not ignored. The lack of basic security features to detect and prevent phishing has had a profound effect on the IM clients, as they lose their faith in e-banking and e-commerce transactions, which will have a disastrous impact on the corporate and banking sectors and businesses which rely heavily on the internet. Very little research contributions were available in for phishing detection in Instant messengers. A context based, dynamic and intelligent phishing detection methodology in IMs is proposed, to analyze and detect phishing in Instant Messages with relevance to domain ontology (OBIE) and utilizes the Classification based on Association (CBA) for generating phishing rules and alerting the victims. A PDS Monitoring system algorithm is used to identify the phishing activity during exchange of messages in IMs, with high ratio of precision and recall. The results have shown improvement by the increased percentage of precision and recall when compared to the existing methods.
IRJET- Honeywords: A New Approach for Enhancing SecurityIRJET Journal
This document summarizes a research paper on honeywords, a new approach for enhancing password security. Honeywords involve storing fake passwords (honeywords) along with the real password for each user account. If an attacker tries to login with a honeyword, it triggers an alarm. The document outlines the proposed system, which generates a unique honey index for each account during registration. It stores the hash of the real password along with the correct honey index. If an attacker enters an incorrect password after 3 attempts, the account is blocked. The system creates honeywords after successful login. It also discusses related work and concludes that honeywords make password cracking detectable and more difficult.
How to Make People Click on a Dangerous Link Despite their Security Awareness mark-smith
It is possible to make virtually any person click on a link, as any person will be curious about something, or interested in some topic, or find the message plausible because they know the sender, or because it fits their expectations (context).
Phishing detection in ims using domain ontology and cba an innovative rule ...ijistjournal
User ignorance towards the use of communication services like Instant Messengers, emails, websites, social networks etc. is becoming the biggest advantage for phishers. It is required to create technical awareness in users by educating them to create a phishing detection application which would generate phishing alerts for the user so that phishing messages are not ignored. The lack of basic security features to detect and prevent phishing has had a profound effect on the IM clients, as they lose their faith in e-banking and e-commerce transactions, which will have a disastrous impact on the corporate and banking sectors and businesses which rely heavily on the internet.Very little research contributions were available in for phishing detection in Instant messengers. A context
based, dynamic and intelligent phishing detection
methodology in IMs is proposed, to analyze and detect phishing in Instant Messages with relevance to domain ontology (OBIE) and utilizes the Classification based on Association (CBA) for generating phishing rules and alerting the victims. A PDS Monitoring system algorithm is used to identify the phishing activity during exchange of messages in IMs, with high ratio of precision and recall. The results have shown improvement by the increased percentage of precision and recall when compared to the existing methods.
A Novel Approach for Phishing Emails Real Time Classification Using K-Means A...IJECEIAES
This document summarizes a novel approach for real-time classification of phishing emails using the K-means clustering algorithm. The authors used 160 emails from computer engineering students from the previous year. They achieved true positive rates of 67% for legitimate emails and 80% for phishing emails, and true negative rates of 30% and 20%, respectively. The high accuracy rates show that K-means clustering is effective for classifying phishing emails in real time. The authors then categorized the reasons for incorrect classifications into three groups: the look and feel of the email, the email's technical parameters, and the email's structure.
MULTI-LEVEL PARSING BASED APPROACH AGAINST PHISHING ATTACKS WITH THE HELP OF ...IJNSA Journal
The increasing use of internet all over the world, be it in households or in corporate firms, has led to an unprecedented rise in cyber-crimes. Amongst these the major chunk consists of Internet attacks which are the most popular and common attacks are carried over the internet. Generally phishing attacks, SSL attacks and some other hacking attacks are kept into this category. Security against these attacks is the major issue of internet security in today’s scenario where internet has very deep penetration. Internet has no doubt made our lives very convenient. It has provided many facilities to us at penny’s cost. For instance it has made communication lightning fast and that too at a very cheap cost. But internet can pose added threats for those users who are not well versed in the ways of internet and unaware of the security risks attached with it. Phishing Attacks, Nigerian Scam, Spam attacks, SSL attacks and other hacking attacks are some of the most common and recent attacks to compromise the privacy of the internet users. Many a times if the user isn’t careful, then these attacks are able to steal the confidential information of user (or unauthorized access). Generally these attacks are carried out with the help of social networking sites, popular mail server sites, online chatting sites etc. Nowadays, Facebook.com, gmail.com, orkut.com and many other social networking sites are facing these security attack problems.
This paper discusses a Knowledge Base Compound approach which is based on query operations and parsing techniques to counter these internet attacks using the web browser itself. In this approach we propose to analyze the web URLs before visiting the actual site, so as to provide security against web attacks mentioned above. This approach employs various parsing operations and query processing which use many techniques to detect the phishing attacks as well as other web attacks. The aforementioned approach is completely based on operation through the browser and hence only affects the speed of browsing. This approach also includes Crawling operation to detect the URL details to further enhance the precision of detection of a compromised site. Using the proposed methodology, a new browser can easily detects the phishing attacks, SSL attacks, and other hacking attacks. With the use of this browser approach, we can easily achieve 96.94% security against phishing as well as other web based attacks.
An Automated Model to Detect Fake Profiles and botnets in Online Social Netwo...IOSR Journals
This document discusses an automated model for detecting fake profiles and botnets in online social networks. It begins with background on the prevalence of fake accounts, which can compromise user privacy and security. Next, it reviews related work on using data hiding techniques like steganography and watermarking to embed information in profile pictures in order to identify suspicious accounts. The proposed model aims to automatically detect fake profiles and botnets to replace current manual methods that are costly and labor-intensive.
1) The document proposes an automated model to detect fake profiles and botnets on online social networks using steganography and watermarking techniques.
2) It describes embedding unique information like a user's email or username into profile pictures during upload using watermarking. This allows detecting stolen pictures used for fake profiles.
3) The model is extended to also search uploaded pictures against billions of online images to detect multiple uses of the same picture for different profiles, as watermarking alone may fail if the picture is edited. Detected users must then prove ownership rights to the picture.
This document discusses social engineering and identity theft. It begins with an introduction to Gaurav Singh and his interests in social engineering attacks and network penetration testing. It then defines social engineering as the art of stealing information from humans through deception rather than technical attacks. The document outlines common social engineering techniques including impersonation, phishing, and using social media to gather information about targets. It also discusses vulnerabilities that enable social engineering like trust, ignorance, and greed. The document explains the risks of social networking in corporate networks and the process of identity theft. It concludes with recommendations for social engineering countermeasures like strong passwords, access control, and monitoring social media activities.
Multi level parsing based approach against phishing attacks with the help of ...IJNSA Journal
The increasing use of internet all over the world, be it in households or in corporate firms, has led to an
unprecedented rise in cyber-crimes. Amongst these the major chunk consists of Internet attacks which are
the most popular and common attacks are carried over the internet. Generally phishing attacks, SSL
attacks and some other hacking attacks are kept into this category. Security against these attacks is the
major issue of internet security in today’s scenario where internet has very deep penetration. Internet has
no doubt made our lives very convenient. It has provided many facilities to us at penny’s cost. For instance
it has made communication lightning fast and that too at a very cheap cost. But internet can pose added
threats for those users who are not well versed in the ways of internet and unaware of the security risks
attached with it. Phishing Attacks, Nigerian Scam, Spam attacks, SSL attacks and other hacking attacks are
some of the most common and recent attacks to compromise the privacy of the internet users. Many a times
if the user isn’t careful, then these attacks are able to steal the confidential information of user (or
unauthorized access). Generally these attacks are carried out with the help of social networking sites,
popular mail server sites, online chatting sites etc. Nowadays, Facebook.com, gmail.com, orkut.com and
many other social networking sites are facing these security attack problems.
Cybersecurity awareness is the understanding of the importance of protecting data and information from malicious activities.
It involves understanding the risks associated with digital communication, online activities, and technology in general.
This document presents research on developing an automated method for detecting phishing web pages. Previous anti-phishing approaches fall into four categories: studying phishing, training users, improving user interfaces, and detection tools. However, previous works only address limited services. The proposed approach involves checking URLs and page content against a database of known phishing sites and identifying abnormal conditions to detect new phishing sites. The methodology includes two main steps: 1) checking a site against the database and 2) searching for abnormal conditions that may indicate a new phishing site. Experimental analysis was conducted and the results are discussed, noting areas for potential improvement.
An Indistinguishability Model for Evaluating Diverse Classes of Phishing Atta...CSCJournals
This document presents a theoretical model for evaluating phishing attacks based on the indistinguishability of natural and phishing message distributions. The model views a phishing attack as an attempt to generate messages that are indistinguishable from normal messages. It captures a phishing attack in terms of the statistical distance between the natural and phishing message probability distributions. The model also proposes metrics to analyze the success probability of phishing attacks and distinguisher algorithms. Finally, it discusses a new class of collaborative spear phishing attacks enabled by data breaches at large companies.
An Indistinguishability Model for Evaluating Diverse Classes of Phishing Atta...CSCJournals
Phishing is a growing threat to Internet users and causes billions of dollars in damage every year. While there are a number of research articles that study the tactics, techniques and procedures employed by phishers in the literature, in this paper, we present a theoretical yet practical model to study this menacing threat in a formal manner. While it is common folklore knowledge that a successful phishing attack entails creating messages that are indistinguishable from the natural, expected messages by the intended victim, this concept has not been formalized. Our model attempts to capture a phishing attack in terms of this indistinguishability between the natural and phishing message probability distributions. We view the actions performed by a phisher as an attempt to create messages that are indistinguishable to the victim from that of “normal” messages. To the best of our knowledge, this is the first study that places phishing on a concrete theoretical framework and offers a new perspective to analyze this threat. We propose metrics to analyze the success probability of a phishing attack taking into account the input used by a phisher and the work involved in creating deceptive email messages. Finally, we study and apply our model to a new class of phishing attacks called collaborative spear phishing that is gaining momentum. Recent examples include Operation Woolen-Goldfish in 2015, Rocket Kitten in 2014 and Epsilon email breach in 2011. We point out fundamental flaws in the current email-based marketing business model which enables such targeted spear phishing collaborative attacks. In this sense, our study is very timely and presents new and emerging trends in phishing.
This document is a seminar report submitted by Nupur Roy to the Department of Information Technology at International Institute of Information Technology in Bhubaneswar, India in January 2014. The report explores the topic of spyware, including its definition, types, how it operates, impact, and countermeasures. It contains chapters on introduction, overview, motivation, objectives, details about spyware and different types, how spyware operates to track information, impact of spyware, ways to counter spyware, and legal implications.
Clustering Categorical Data for Internet Security ApplicationsIJSTA
This document summarizes research on clustering categorical data for internet security applications. It discusses using clustering techniques for malware categorization, phishing website detection, and detecting secure emails. Feature extraction and categorization are generally used to automatically group file samples or websites. The document also reviews several related works applying clustering and other techniques for malware analysis, phishing detection, and analyzing privacy-breaching malware behavior.
The document discusses a project to develop a machine learning based system to detect phishing websites. The system will act as a browser extension to automatically notify users when a phishing website is detected. It will use the random forest technique for supervised learning and study website features to train a classifier to detect phishing sites. The project aims to prevent phishing attacks and provide a safe browsing experience for users by distinguishing between legitimate and fraudulent websites.
PHISHING ATTACKS PROPOSAL 6
Phishing Attacks Proposal
Introduction and Problem Statement
Over the past years, one of the most challenging crimes that have been a serious threat to the internet security of all computer users has been identity theft. This is a lucrative crime whose roots spread across the world and are perpetrated by different individuals using sophisticated technology. Identity theft entails the act of stealing as well as utilizing the identity information of another person to commit crimes such as steal money, crucial personal information, or even destroy confidential data and information (Psannis & Gamagedara, 2017). One of the techniques that have been used to perpetrate identity theft is a phishing attack. A phishing attack refers to a type of crime associated with social engineering whose emergence, occurrence, and advancements are proving to be an enormous challenge for both key industry players as well as academic researchers (Lyashenko, 2015).
The main aim of carrying out phishing attacks is to steal crucial information that is sensitive to users such as online banking details, usernames, and even passwords. According to researchers, the number of phishing attacks is becoming a serious threat, and in other cases, phishing reports indicate that it is not only the organizations that are becoming victims of the phishing attacks but the number of attacks is on the rise, and the level of sophistication is also advancing day in day out (Doupe & Warner, 2018). Of importance is that the phishing attacks have evolved in terms of the approaches that are followed in penetrating computer users and violating their privacy.
Objectives
This research aims at studying the level of sophistication in which phishing attacks has advanced. In this regard, it seeks to determine how modern methods of phishing attacks are different from the traditional ones. Secondly, this research aims to explain the different current methods of carrying out phishing attacks. Thirdly, this research study aims at determining how these sophisticated methods of carrying out phishing attacks can be controlled.
Literature Review
Different researchers and professionals have explored the issue of modern phishing attacks and presented their work in the form of journals and articles of research. One amongst the journals is “Defending against phishing attacks: Taxonomy of methods, current issues, and future directions,” authored by Kostas Psannis, and Nalin Asanka Gamagedara (2017). In their research, they noted that phishing statistics indicate that there is a rise in the number of successful attacks that are being carried out against industries and critical institutions. Psannis and Gamagedara (2017) present this statistical information in the form of a pie chart showing the various domains that exist and how each one of them has been affected. Based on a report presented in the form of a pie chart by the team, domains that are worst hit by the crime includ ...
This document provides an overview of phishing techniques and methods. It defines phishing as impersonating legitimate websites to steal user credentials. The document describes the phishing life cycle, which includes planning attacks, collecting credentials through fake websites, and committing fraud. It also discusses common phishing techniques like mimicking legitimate websites and using pop-up windows to steal information. The goal of the document is to analyze phishing methods to help combat this growing security threat.
This document analyzes the mobile threat landscape and user behavior that drives mobile threats. Key findings include:
- Mobile threats are currently mischiefware focused on scams, spam and phishing rather than breaking devices.
- Pornography sites pose high risks, with nearly 3 times the chance of malicious content than other sites.
- Malnets, which drove most desktop threats in 2012, are now targeting mobile users, originating 40% of blocked mobile malware.
- User behavior like visiting shortened links and expecting different mobile sites increases risks of deception.
Research Paper on Spreading Awareness About Phishing Attack Is Effective In R...IRJET Journal
This document summarizes a research paper on assessing whether spreading awareness about phishing attacks is effective in reducing attacks. Key points:
1. Phishing attacks are increasing and allow criminals to deceive users and steal important data. Spreading phishing awareness through training may help reduce attacks by empowering users to identify phishing emails and avoid risks.
2. Phishing awareness training can help organizations meet regulatory compliance requirements and make employees the first line of defense against cyberattacks.
3. Studies show that most data breaches are caused by phishing and losses from business email compromise attacks are increasing, demonstrating the need to minimize phishing attacks through awareness training.
4. A survey found that while most people
This document outlines a security awareness training program. It covers topics like password usage and management, virus protection, email safety, internet usage, shoulder surfing, social engineering, access control, and use of personal devices. The training aims to educate employees on security policies and risks. It will be held annually in the front conference room. The goal is to help employees recognize security threats and stay informed to keep the company's data and systems secure.
This document discusses legal and ethical issues related to technology and communication in education, focusing on phishing and software privacy. It defines phishing as a type of social engineering attack where attackers try to trick users into revealing sensitive information. Common phishing techniques include promising too-good-to-be-true offers, creating a sense of urgency, including suspicious links or attachments in emails, and impersonating unusual senders. It also discusses how to prevent phishing attacks and defines different types like spear phishing. The document then discusses software privacy, describing types of privacy software that protect users' internet privacy and data through whitelisting/blacklisting, encryption, intrusion detection systems, and steganography.
The document provides instructions for a lab experiment to test the relationship between current, force, and length of a conductor wire by passing a current through a wire near magnets. Students are asked to measure the force on the wire for different currents and lengths to understand how force is affected by these variables based on the equation that force is directly proportional to the current and length of the wire and the magnetic field. The objective is to experimentally validate the theoretical relationship between these factors.
Want To Get More People To Support Live Music Start Concerts EarlierJasmine Dixon
The document discusses lucid dreaming, which is the ability to realize when one is dreaming and have control over their dreams. It notes that dreams provide an unlimited playground for the mind where anything can happen, but that people rarely realize the freedoms granted in dreams while having them. Lucid dreaming allows people to gain awareness and control within their dreams.
Phishing detection in ims using domain ontology and cba an innovative rule ...ijistjournal
User ignorance towards the use of communication services like Instant Messengers, emails, websites, social networks etc. is becoming the biggest advantage for phishers. It is required to create technical awareness in users by educating them to create a phishing detection application which would generate phishing alerts for the user so that phishing messages are not ignored. The lack of basic security features to detect and prevent phishing has had a profound effect on the IM clients, as they lose their faith in e-banking and e-commerce transactions, which will have a disastrous impact on the corporate and banking sectors and businesses which rely heavily on the internet.Very little research contributions were available in for phishing detection in Instant messengers. A context
based, dynamic and intelligent phishing detection
methodology in IMs is proposed, to analyze and detect phishing in Instant Messages with relevance to domain ontology (OBIE) and utilizes the Classification based on Association (CBA) for generating phishing rules and alerting the victims. A PDS Monitoring system algorithm is used to identify the phishing activity during exchange of messages in IMs, with high ratio of precision and recall. The results have shown improvement by the increased percentage of precision and recall when compared to the existing methods.
A Novel Approach for Phishing Emails Real Time Classification Using K-Means A...IJECEIAES
This document summarizes a novel approach for real-time classification of phishing emails using the K-means clustering algorithm. The authors used 160 emails from computer engineering students from the previous year. They achieved true positive rates of 67% for legitimate emails and 80% for phishing emails, and true negative rates of 30% and 20%, respectively. The high accuracy rates show that K-means clustering is effective for classifying phishing emails in real time. The authors then categorized the reasons for incorrect classifications into three groups: the look and feel of the email, the email's technical parameters, and the email's structure.
MULTI-LEVEL PARSING BASED APPROACH AGAINST PHISHING ATTACKS WITH THE HELP OF ...IJNSA Journal
The increasing use of internet all over the world, be it in households or in corporate firms, has led to an unprecedented rise in cyber-crimes. Amongst these the major chunk consists of Internet attacks which are the most popular and common attacks are carried over the internet. Generally phishing attacks, SSL attacks and some other hacking attacks are kept into this category. Security against these attacks is the major issue of internet security in today’s scenario where internet has very deep penetration. Internet has no doubt made our lives very convenient. It has provided many facilities to us at penny’s cost. For instance it has made communication lightning fast and that too at a very cheap cost. But internet can pose added threats for those users who are not well versed in the ways of internet and unaware of the security risks attached with it. Phishing Attacks, Nigerian Scam, Spam attacks, SSL attacks and other hacking attacks are some of the most common and recent attacks to compromise the privacy of the internet users. Many a times if the user isn’t careful, then these attacks are able to steal the confidential information of user (or unauthorized access). Generally these attacks are carried out with the help of social networking sites, popular mail server sites, online chatting sites etc. Nowadays, Facebook.com, gmail.com, orkut.com and many other social networking sites are facing these security attack problems.
This paper discusses a Knowledge Base Compound approach which is based on query operations and parsing techniques to counter these internet attacks using the web browser itself. In this approach we propose to analyze the web URLs before visiting the actual site, so as to provide security against web attacks mentioned above. This approach employs various parsing operations and query processing which use many techniques to detect the phishing attacks as well as other web attacks. The aforementioned approach is completely based on operation through the browser and hence only affects the speed of browsing. This approach also includes Crawling operation to detect the URL details to further enhance the precision of detection of a compromised site. Using the proposed methodology, a new browser can easily detects the phishing attacks, SSL attacks, and other hacking attacks. With the use of this browser approach, we can easily achieve 96.94% security against phishing as well as other web based attacks.
An Automated Model to Detect Fake Profiles and botnets in Online Social Netwo...IOSR Journals
This document discusses an automated model for detecting fake profiles and botnets in online social networks. It begins with background on the prevalence of fake accounts, which can compromise user privacy and security. Next, it reviews related work on using data hiding techniques like steganography and watermarking to embed information in profile pictures in order to identify suspicious accounts. The proposed model aims to automatically detect fake profiles and botnets to replace current manual methods that are costly and labor-intensive.
1) The document proposes an automated model to detect fake profiles and botnets on online social networks using steganography and watermarking techniques.
2) It describes embedding unique information like a user's email or username into profile pictures during upload using watermarking. This allows detecting stolen pictures used for fake profiles.
3) The model is extended to also search uploaded pictures against billions of online images to detect multiple uses of the same picture for different profiles, as watermarking alone may fail if the picture is edited. Detected users must then prove ownership rights to the picture.
This document discusses social engineering and identity theft. It begins with an introduction to Gaurav Singh and his interests in social engineering attacks and network penetration testing. It then defines social engineering as the art of stealing information from humans through deception rather than technical attacks. The document outlines common social engineering techniques including impersonation, phishing, and using social media to gather information about targets. It also discusses vulnerabilities that enable social engineering like trust, ignorance, and greed. The document explains the risks of social networking in corporate networks and the process of identity theft. It concludes with recommendations for social engineering countermeasures like strong passwords, access control, and monitoring social media activities.
Multi level parsing based approach against phishing attacks with the help of ...IJNSA Journal
The increasing use of internet all over the world, be it in households or in corporate firms, has led to an
unprecedented rise in cyber-crimes. Amongst these the major chunk consists of Internet attacks which are
the most popular and common attacks are carried over the internet. Generally phishing attacks, SSL
attacks and some other hacking attacks are kept into this category. Security against these attacks is the
major issue of internet security in today’s scenario where internet has very deep penetration. Internet has
no doubt made our lives very convenient. It has provided many facilities to us at penny’s cost. For instance
it has made communication lightning fast and that too at a very cheap cost. But internet can pose added
threats for those users who are not well versed in the ways of internet and unaware of the security risks
attached with it. Phishing Attacks, Nigerian Scam, Spam attacks, SSL attacks and other hacking attacks are
some of the most common and recent attacks to compromise the privacy of the internet users. Many a times
if the user isn’t careful, then these attacks are able to steal the confidential information of user (or
unauthorized access). Generally these attacks are carried out with the help of social networking sites,
popular mail server sites, online chatting sites etc. Nowadays, Facebook.com, gmail.com, orkut.com and
many other social networking sites are facing these security attack problems.
Cybersecurity awareness is the understanding of the importance of protecting data and information from malicious activities.
It involves understanding the risks associated with digital communication, online activities, and technology in general.
This document presents research on developing an automated method for detecting phishing web pages. Previous anti-phishing approaches fall into four categories: studying phishing, training users, improving user interfaces, and detection tools. However, previous works only address limited services. The proposed approach involves checking URLs and page content against a database of known phishing sites and identifying abnormal conditions to detect new phishing sites. The methodology includes two main steps: 1) checking a site against the database and 2) searching for abnormal conditions that may indicate a new phishing site. Experimental analysis was conducted and the results are discussed, noting areas for potential improvement.
An Indistinguishability Model for Evaluating Diverse Classes of Phishing Atta...CSCJournals
This document presents a theoretical model for evaluating phishing attacks based on the indistinguishability of natural and phishing message distributions. The model views a phishing attack as an attempt to generate messages that are indistinguishable from normal messages. It captures a phishing attack in terms of the statistical distance between the natural and phishing message probability distributions. The model also proposes metrics to analyze the success probability of phishing attacks and distinguisher algorithms. Finally, it discusses a new class of collaborative spear phishing attacks enabled by data breaches at large companies.
An Indistinguishability Model for Evaluating Diverse Classes of Phishing Atta...CSCJournals
Phishing is a growing threat to Internet users and causes billions of dollars in damage every year. While there are a number of research articles that study the tactics, techniques and procedures employed by phishers in the literature, in this paper, we present a theoretical yet practical model to study this menacing threat in a formal manner. While it is common folklore knowledge that a successful phishing attack entails creating messages that are indistinguishable from the natural, expected messages by the intended victim, this concept has not been formalized. Our model attempts to capture a phishing attack in terms of this indistinguishability between the natural and phishing message probability distributions. We view the actions performed by a phisher as an attempt to create messages that are indistinguishable to the victim from that of “normal” messages. To the best of our knowledge, this is the first study that places phishing on a concrete theoretical framework and offers a new perspective to analyze this threat. We propose metrics to analyze the success probability of a phishing attack taking into account the input used by a phisher and the work involved in creating deceptive email messages. Finally, we study and apply our model to a new class of phishing attacks called collaborative spear phishing that is gaining momentum. Recent examples include Operation Woolen-Goldfish in 2015, Rocket Kitten in 2014 and Epsilon email breach in 2011. We point out fundamental flaws in the current email-based marketing business model which enables such targeted spear phishing collaborative attacks. In this sense, our study is very timely and presents new and emerging trends in phishing.
This document is a seminar report submitted by Nupur Roy to the Department of Information Technology at International Institute of Information Technology in Bhubaneswar, India in January 2014. The report explores the topic of spyware, including its definition, types, how it operates, impact, and countermeasures. It contains chapters on introduction, overview, motivation, objectives, details about spyware and different types, how spyware operates to track information, impact of spyware, ways to counter spyware, and legal implications.
Clustering Categorical Data for Internet Security ApplicationsIJSTA
This document summarizes research on clustering categorical data for internet security applications. It discusses using clustering techniques for malware categorization, phishing website detection, and detecting secure emails. Feature extraction and categorization are generally used to automatically group file samples or websites. The document also reviews several related works applying clustering and other techniques for malware analysis, phishing detection, and analyzing privacy-breaching malware behavior.
The document discusses a project to develop a machine learning based system to detect phishing websites. The system will act as a browser extension to automatically notify users when a phishing website is detected. It will use the random forest technique for supervised learning and study website features to train a classifier to detect phishing sites. The project aims to prevent phishing attacks and provide a safe browsing experience for users by distinguishing between legitimate and fraudulent websites.
PHISHING ATTACKS PROPOSAL 6
Phishing Attacks Proposal
Introduction and Problem Statement
Over the past years, one of the most challenging crimes that have been a serious threat to the internet security of all computer users has been identity theft. This is a lucrative crime whose roots spread across the world and are perpetrated by different individuals using sophisticated technology. Identity theft entails the act of stealing as well as utilizing the identity information of another person to commit crimes such as steal money, crucial personal information, or even destroy confidential data and information (Psannis & Gamagedara, 2017). One of the techniques that have been used to perpetrate identity theft is a phishing attack. A phishing attack refers to a type of crime associated with social engineering whose emergence, occurrence, and advancements are proving to be an enormous challenge for both key industry players as well as academic researchers (Lyashenko, 2015).
The main aim of carrying out phishing attacks is to steal crucial information that is sensitive to users such as online banking details, usernames, and even passwords. According to researchers, the number of phishing attacks is becoming a serious threat, and in other cases, phishing reports indicate that it is not only the organizations that are becoming victims of the phishing attacks but the number of attacks is on the rise, and the level of sophistication is also advancing day in day out (Doupe & Warner, 2018). Of importance is that the phishing attacks have evolved in terms of the approaches that are followed in penetrating computer users and violating their privacy.
Objectives
This research aims at studying the level of sophistication in which phishing attacks has advanced. In this regard, it seeks to determine how modern methods of phishing attacks are different from the traditional ones. Secondly, this research aims to explain the different current methods of carrying out phishing attacks. Thirdly, this research study aims at determining how these sophisticated methods of carrying out phishing attacks can be controlled.
Literature Review
Different researchers and professionals have explored the issue of modern phishing attacks and presented their work in the form of journals and articles of research. One amongst the journals is “Defending against phishing attacks: Taxonomy of methods, current issues, and future directions,” authored by Kostas Psannis, and Nalin Asanka Gamagedara (2017). In their research, they noted that phishing statistics indicate that there is a rise in the number of successful attacks that are being carried out against industries and critical institutions. Psannis and Gamagedara (2017) present this statistical information in the form of a pie chart showing the various domains that exist and how each one of them has been affected. Based on a report presented in the form of a pie chart by the team, domains that are worst hit by the crime includ ...
This document provides an overview of phishing techniques and methods. It defines phishing as impersonating legitimate websites to steal user credentials. The document describes the phishing life cycle, which includes planning attacks, collecting credentials through fake websites, and committing fraud. It also discusses common phishing techniques like mimicking legitimate websites and using pop-up windows to steal information. The goal of the document is to analyze phishing methods to help combat this growing security threat.
This document analyzes the mobile threat landscape and user behavior that drives mobile threats. Key findings include:
- Mobile threats are currently mischiefware focused on scams, spam and phishing rather than breaking devices.
- Pornography sites pose high risks, with nearly 3 times the chance of malicious content than other sites.
- Malnets, which drove most desktop threats in 2012, are now targeting mobile users, originating 40% of blocked mobile malware.
- User behavior like visiting shortened links and expecting different mobile sites increases risks of deception.
Research Paper on Spreading Awareness About Phishing Attack Is Effective In R...IRJET Journal
This document summarizes a research paper on assessing whether spreading awareness about phishing attacks is effective in reducing attacks. Key points:
1. Phishing attacks are increasing and allow criminals to deceive users and steal important data. Spreading phishing awareness through training may help reduce attacks by empowering users to identify phishing emails and avoid risks.
2. Phishing awareness training can help organizations meet regulatory compliance requirements and make employees the first line of defense against cyberattacks.
3. Studies show that most data breaches are caused by phishing and losses from business email compromise attacks are increasing, demonstrating the need to minimize phishing attacks through awareness training.
4. A survey found that while most people
This document outlines a security awareness training program. It covers topics like password usage and management, virus protection, email safety, internet usage, shoulder surfing, social engineering, access control, and use of personal devices. The training aims to educate employees on security policies and risks. It will be held annually in the front conference room. The goal is to help employees recognize security threats and stay informed to keep the company's data and systems secure.
This document discusses legal and ethical issues related to technology and communication in education, focusing on phishing and software privacy. It defines phishing as a type of social engineering attack where attackers try to trick users into revealing sensitive information. Common phishing techniques include promising too-good-to-be-true offers, creating a sense of urgency, including suspicious links or attachments in emails, and impersonating unusual senders. It also discusses how to prevent phishing attacks and defines different types like spear phishing. The document then discusses software privacy, describing types of privacy software that protect users' internet privacy and data through whitelisting/blacklisting, encryption, intrusion detection systems, and steganography.
The document provides instructions for a lab experiment to test the relationship between current, force, and length of a conductor wire by passing a current through a wire near magnets. Students are asked to measure the force on the wire for different currents and lengths to understand how force is affected by these variables based on the equation that force is directly proportional to the current and length of the wire and the magnetic field. The objective is to experimentally validate the theoretical relationship between these factors.
Want To Get More People To Support Live Music Start Concerts EarlierJasmine Dixon
The document discusses lucid dreaming, which is the ability to realize when one is dreaming and have control over their dreams. It notes that dreams provide an unlimited playground for the mind where anything can happen, but that people rarely realize the freedoms granted in dreams while having them. Lucid dreaming allows people to gain awareness and control within their dreams.
Professional Essay Writers Online Story Of One Author Custom EssayJasmine Dixon
The document discusses getting a tattoo after surviving cancer. The author got their first tattoo at 18 of the phrase "I Win" along with their chemotherapy dates. They developed a close relationship with their tattoo artist but must hide their tattoo around important people and in future jobs. The essay will discuss the history of tattooing from ancient cultures to demonstrate its importance in society and changing views of tattoos in the workplace.
How To Format A College Essay A ComprehensiveJasmine Dixon
Teen suicide is often caused by mental health issues such as depression and anxiety, as well as stressors like academic pressure, family problems, and bullying. Relationship breakups and social isolation can also contribute to suicidal thoughts in teenagers. Underlying medical conditions may play a role as well, exacerbating mental health problems and making teens more vulnerable to suicidal ideation.
A Nature Walk A Descriptive Essay By Toni Seychelle - Hello PoetryJasmine Dixon
This document provides instructions for requesting paper writing assistance from a website. It outlines a 5-step process: 1) Create an account with a password and email. 2) Complete a 10-minute order form providing instructions, sources, and deadline. 3) Review bids from writers and select one based on qualifications. 4) Receive the paper and authorize payment if pleased. 5) Request revisions until satisfied, with a refund option for plagiarism. The process aims to match clients with qualified writers and ensure paper quality and customer satisfaction.
How To Write An Essay Cover Page EasyBibJasmine Dixon
The document provides instructions for creating an account on the HelpWriting.net site in order to request that a writer complete an assignment. It outlines a 5-step process: 1) Create an account with a password and email. 2) Complete a form with assignment details, sources, and deadline. 3) Review bids from writers and choose one. 4) Review the completed paper and authorize payment. 5) Request revisions until satisfied. The site promises original, high-quality work or a full refund.
I apologize, upon reviewing the document further it does not appear to contain a full paper discussing social process theory. The introduction provided is incomplete and does not have any body paragraphs analyzing aspects of social process theory. As such, I do not feel comfortable providing a summary. For legal and ethical reasons, I cannot generate or modify full papers without the original author's consent. Please feel free to provide a more substantive document for me to summarize.
Halloween Bats Writing Paper Have Fun TeachingJasmine Dixon
The document provides instructions for requesting writing assistance from HelpWriting.net. It outlines a 5-step process: 1) Create an account with a password and email. 2) Complete a 10-minute order form providing instructions, sources, and deadline. 3) Review bids from writers and select one based on qualifications. 4) Review the completed paper and authorize payment if satisfied. 5) Request revisions to ensure satisfaction, and HelpWriting.net offers refunds for plagiarized work.
How To Write A Movie Review Essay What IJasmine Dixon
The document provides instructions for a 5-step process to request an assignment be written by another writer through the HelpWriting.net website. The steps include 1) creating an account, 2) completing an order form with instructions and deadline, 3) reviewing bids from writers and selecting one, 4) ensuring the completed paper meets expectations, and 5) requesting revisions if needed and being assured of original, high-quality content.
Printable Stationary Paper Borders For Paper ChristmJasmine Dixon
The document summarizes the themes and plot of Giovanni Boccaccio's Decameron. It discusses how the story is set during the Black Death in Florence and follows 10 young Florentines who leave the city to escape the plague. To pass the time in the countryside, they agree to each tell one story per day, with a different person choosing the theme for that day's stories. This introduces multiple genres and allows Boccaccio to explore various topics and social issues through tales of love, betrayal, and more.
025 Theme Essay Example Literary Examples Samples Writing AnalysJasmine Dixon
This document provides a summary of the key differences and similarities between the Bauhaus and Minimalism art movements of the 20th century. Both movements departed from previous art that was symbolic or emotionally driven, instead focusing on simplification, functionality and industrial materials. Bauhaus emphasized design and functionality while Minimalism reduced art to its most basic forms. Overall the movements shared a rejection of ornamentation but differed in Bauhaus' focus on design and Minimalism's emphasis on reducing art to fundamental forms and concepts.
The document provides instructions for requesting an essay writing service from HelpWriting.net. It outlines a 5-step process: 1) Create an account with a password and email. 2) Complete a 10-minute order form providing instructions, sources, and deadline. 3) Review bids from writers and choose one based on qualifications. 4) Review the completed paper and authorize payment if satisfied. 5) Request revisions to ensure satisfaction, and the company offers refunds for plagiarized work.
Describing A Person Paragraph. How To WriteJasmine Dixon
The document provides instructions for seeking writing help from HelpWriting.net. It outlines a 5-step process: 1) Create an account and provide contact details. 2) Complete an order form with instructions, sources, and deadline. 3) Review bids from writers and choose one based on qualifications. 4) Review the completed paper and authorize payment. 5) Request revisions until satisfied, with a refund option for plagiarized content.
Color Coded Ice Cream Writing Paper (Color BWJasmine Dixon
The passage discusses Susan B. Anthony's act of courage in daring to vote despite it being illegal for women at the time. It compares her act of civil disobedience to voting her right to that of Ana escaping a violent gang in her memoir. Both stories showcase courage but differ in tone - Ana's memoir has a darker, more violent mood while Susan B. Anthony's story has a more uplifting, determined mood as she fights for women's suffrage.
An ecotourism project analysis and evaluation framework for international dev...Jasmine Dixon
This document provides an overview of the book "Ecotourism and Conservation in the Americas". It discusses how ecotourism, when managed properly, can be environmentally, socially, and economically sustainable. The book contains chapters on various case studies of ecotourism projects in communities and protected areas throughout the Americas. It also includes chapters on educating tourists, evaluating ecotourism projects and initiatives, and setting standards for sustainable tourism certification programs. The overall work examines both the opportunities and challenges of using ecotourism to support conservation and local economic development.
Active Listening in Peer Interviews The Influence of Message Paraphrasing on...Jasmine Dixon
This document discusses research on active listening. It defines active listening as communicating nonverbal involvement, paraphrasing the speaker's message without judgment, and asking questions to encourage elaboration. The document reviews two bodies of research. First, it examines research showing active listening is a trainable skill that improves listening abilities for counselors, professionals, and laypeople. Second, it reviews research on the benefits of active listening, finding it may improve perceptions of effectiveness and confidence for the listener, but findings are unclear on benefits for recipients of active listening responses.
A statistical approach to term extraction.pdfJasmine Dixon
This document summarizes previous research on automatic term extraction from text. It discusses three main approaches: statistical approaches that are language-independent, symbolic/rule-based approaches that are language-specific, and hybrid approaches. Within statistical approaches, research has focused on identifying multi-word term units (unithood) and identifying terms representing domain concepts (termhood). Recent successful approaches use graphs of lexical co-occurrence to model term meanings and identify terms based on distributional behavior rather than form. The proposed approach in this paper is presented as a simpler statistical alternative that learns term patterns from examples.
This document provides an overview of the learning objectives and language skills covered in each unit of the Speakout Advanced Plus coursebook. It details the specific grammar, functions, vocabulary, and skills addressed in each unit and maps them to the Global Scale of English and Common European Framework of Reference. The course is designed to take learners from CEFR level A1 to C2 (22-88 on the GSE scale). Each lesson guides students towards 'Can Do' goals aligned with the GSE and CEFR.
A Study Of Artificial Intelligence And Machine Learning In Power SectorJasmine Dixon
This document discusses the application of artificial intelligence and machine learning in the power sector. It begins with an abstract that outlines challenges in the energy sector related to demand, efficiency, supply patterns, and lack of analytics. It then provides background on AI and discusses how technologies like smart grids, smart meters, and IoT devices can help improve power management, efficiency, and use of renewable energy when paired with data analytics techniques like machine learning. The document examines current and potential future applications of AI in areas like fault prediction, maintenance scheduling, and optimizing geothermal and hydropower plants. It concludes by stating that while advanced economies currently lead in AI applications for power, the technologies have potential to address energy access challenges in emerging markets as
Andreas Schleicher presents PISA 2022 Volume III - Creative Thinking - 18 Jun...EduSkills OECD
Andreas Schleicher, Director of Education and Skills at the OECD presents at the launch of PISA 2022 Volume III - Creative Minds, Creative Schools on 18 June 2024.
Philippine Edukasyong Pantahanan at Pangkabuhayan (EPP) CurriculumMJDuyan
(𝐓𝐋𝐄 𝟏𝟎𝟎) (𝐋𝐞𝐬𝐬𝐨𝐧 𝟏)-𝐏𝐫𝐞𝐥𝐢𝐦𝐬
𝐃𝐢𝐬𝐜𝐮𝐬𝐬 𝐭𝐡𝐞 𝐄𝐏𝐏 𝐂𝐮𝐫𝐫𝐢𝐜𝐮𝐥𝐮𝐦 𝐢𝐧 𝐭𝐡𝐞 𝐏𝐡𝐢𝐥𝐢𝐩𝐩𝐢𝐧𝐞𝐬:
- Understand the goals and objectives of the Edukasyong Pantahanan at Pangkabuhayan (EPP) curriculum, recognizing its importance in fostering practical life skills and values among students. Students will also be able to identify the key components and subjects covered, such as agriculture, home economics, industrial arts, and information and communication technology.
𝐄𝐱𝐩𝐥𝐚𝐢𝐧 𝐭𝐡𝐞 𝐍𝐚𝐭𝐮𝐫𝐞 𝐚𝐧𝐝 𝐒𝐜𝐨𝐩𝐞 𝐨𝐟 𝐚𝐧 𝐄𝐧𝐭𝐫𝐞𝐩𝐫𝐞𝐧𝐞𝐮𝐫:
-Define entrepreneurship, distinguishing it from general business activities by emphasizing its focus on innovation, risk-taking, and value creation. Students will describe the characteristics and traits of successful entrepreneurs, including their roles and responsibilities, and discuss the broader economic and social impacts of entrepreneurial activities on both local and global scales.
Leveraging Generative AI to Drive Nonprofit InnovationTechSoup
In this webinar, participants learned how to utilize Generative AI to streamline operations and elevate member engagement. Amazon Web Service experts provided a customer specific use cases and dived into low/no-code tools that are quick and easy to deploy through Amazon Web Service (AWS.)
This presentation was provided by Rebecca Benner, Ph.D., of the American Society of Anesthesiologists, for the second session of NISO's 2024 Training Series "DEIA in the Scholarly Landscape." Session Two: 'Expanding Pathways to Publishing Careers,' was held June 13, 2024.
SWOT analysis in the project Keeping the Memory @live.pptx
Anti-Phishing Phil
1. Anti-Phishing Phil: The Design and Evaluation of a Game
That Teaches People Not to Fall for Phish
ABSTRACT
In this paper we describe the design and evaluation of Anti-
Phishing Phil, an online game that teaches users good habits to
help them avoid phishing attacks. We used learning science
principles to design and iteratively refine the game. We evaluated
the game through a user study: participants were tested on their
ability to identify fraudulent web sites before and after spending
15 minutes engaged in one of three anti-phishing training
activities (playing the game, reading an anti-phishing tutorial we
created based on the game, or reading existing online training
materials). We found that the participants who played the game
were better able to identify fraudulent web sites compared to the
participants in other conditions. We attribute these effects to both
the content of the training messages presented in the game as well
as the presentation of these materials in an interactive game
format. Our results confirm that games can be an effective way of
educating people about phishing and other security attacks.
Categories and Subject Descriptors
D.4.6 Security and protection, H.1.2 User / Machine systems,
H.5.2 User interfaces
General Terms
Design, experimentation, security, human factors
Keywords
Phishing, usable privacy and security, interactive learning,
learning science, security user education, and game design,
development and testing
1. INTRODUCTION
Phishing is a kind of attack in which criminals use spoofed emails
and fraudulent web sites to trick people into giving up personal
information. Victims perceive these emails as associated with a
trusted brand, while in reality they are the work of con artists
interested in identity theft [18]. These increasingly sophisticated
attacks not only spoof email and web sites, but they can also spoof
parts of a user’s web browser [17].
Phishing is part of a larger class of attacks known as semantic
attacks. Rather than taking advantage of system vulnerabilities,
semantic attacks take advantage of the way humans interact with
computers or interpret messages [33], exploiting differences
between the system model and the user model [34]. In the
phishing case, attacks exploit the fact that users tend to trust email
messages and web sites based on superficial cues that actually
provide little or no meaningful trust information [7], [17].
Automated systems can be used to identify some fraudulent email
and web sites. However, these systems are not completely
accurate in detecting phishing attacks. In a recent study, only one
of the ten anti-phishing tools tested was able to correctly identify
over 90% of phishing web sites, and that tool also incorrectly
identified 42% of legitimate web sites as fraudulent [39]. It is also
unlikely that any system will ever be completely accurate in
detecting phishing attacks, especially when detection requires
knowledge of contextual information. While it makes sense to use
automated detection systems as one line of defense against
semantic attacks, our philosophy is that there will still remain
many kinds of trust decisions that users must make on their own,
usually with limited or no assistance. The goal of our research is
not to make trust decisions for users, but rather to develop a
complementary approach to support users so that they can make
better trust decisions. More specifically, one goal of our research
is to find effective ways to train people to identify and avoid
phishing web sites.
In this paper we present the design, implementation, and
evaluation of Anti-Phishing Phil, a game we developed to teach
people how to protect themselves from phishing attacks. Anti-
Phishing Phil teaches people how to identify phishing URLs,
where to look for cues in web browsers, and how to use search
engines to find legitimate sites. In Section 2, we present
Steve Sheng, Bryant Magnien, Ponnurangam Kumaraguru,
Alessandro Acquisti, Lorrie Faith Cranor, Jason Hong, Elizabeth Nunge
Carnegie Mellon University
shengx@cmu.edu, bmagnien@andrew.cmu.edu ponguru@cs.cmu.edu, acquisti@andrew.cmu.edu
lorrie@cmu.edu, jasonh@cs.cmu.edu, enunge@gmail.com
Figure 1: Anti-Phishing Phil game screen. Phil, the small fish
near the top of the screen, is asked to examine the URL next to
the worm he is about to eat and determine whether it is
associated with a legitimate web site or a phishing site. Phil’s
father (lower right corner) offers some advice. The game is
available at: http://cups.cs.cmu.edu/antiphishing_phil/
2. background information and related work on why people fall for
phishing, and approaches to protecting them. In Section 3, we
describe the design of Anti-Phishing Phil, and present the ways in
which we applied learning principles in designing the game. In
Section 4, we present the methodology we used to evaluate the
game. In Section 5, we present the results of our evaluation,
which shows that the game is more effective than a tutorial we
created or existing online training materials at teaching people to
identify phishing web sites accurately. We discuss the effect of
anti-phishing training in Section 6. Finally, we present our
conclusions in Section 7.
2. BACKGROUND AND RELATED WORK
In this section, we present background on anti-phishing research,
why people fall for phishing, and approaches to protecting people
from falling for phishing attacks.
2.1 Anti-phishing research
Previous work on phishing falls into three categories: studies to
understand why people fall for phishing attacks, tools to protect
people from such attacks, and methods for training people not to
fall for phishing attacks.
2.1.1 Why people fall for phishing
Downs et al have described the results of an interview and role-
playing study aimed at understanding why people fall for phishing
emails and what cues they look for to avoid such attacks. There
were two key findings in their work. First, while some people are
aware of phishing, they do not link that awareness to their own
vulnerability or to strategies for identifying phishing attacks.
Second, while people can protect themselves from familiar risks,
people tend to have difficulties generalizing what they know to
unfamiliar risks [7].
Dhamija et al showed twenty-two participants twenty web sites
and asked them to determine which were fraudulent. Participants
made mistakes on the test set 40% of the time. The authors noted
that 23% of their participants ignored all cues in the browser
address bar and status bar as well as all security indicators [5].
This study did not present users with the email messages that
might lead users to visit the web sites presented, so it provides no
data on whether users pay attention to, or how they interpret,
email cues.
Wu et al. studied three simulated anti-phishing toolbars to
determine how effective they were at preventing users from
visiting web sites the toolbars had determined to be fraudulent.
They found that many study participants ignored the passive
toolbar security indicators and instead used the site’s content to
decide whether or not it was a scam. In some cases participants
did not notice warning signals, and in other cases they noticed
them but assumed the warnings were invalid. In a follow-up
study, the authors tested anti-phishing toolbars that produced pop-
up warnings that blocked access to fraudulent web sites until
overridden by the user. These pop-up warnings reduced the rate at
which users fell for fraudulent sites, but did not completely
prevent all users from falling for these sites. The authors
concluded that Internet users are not very good at interpreting
security warnings and are unfamiliar with common phishing
attacks, and recommended educating users about online safety
practices [36].
Our work builds on these previous studies. We incorporated many
of the lessons learned from this past work into our game. For
example, we teach people not to trust the content of the web page
but examine the URL instead. Our evaluation methodology is also
closely based on Dhamija et al.’s work [5].
2.1.2 Tools to protect people from phishing
Anti-phishing services are now provided by Internet service
providers, built into mail servers and clients, and available as web
browser toolbars. However, these services and tools do not
effectively protect against all phishing attacks, as attackers and
tool developers are engaged in a continuous arms race [39].
Furthermore, Internet users who are unaware of the phishing
threat will be unlikely to install and use an anti-phishing tool, and
may ignore warnings from anti-phishing tools provided by their
ISPs or built into their web browsers. Even users who understand
anti-phishing warnings may ignore them [36]. Where possible,
anti-phishing tools should be applied, but—as noted in the
introduction—there will always be cases where people have to
make trust decisions on their own.
Other research has focused on the development of tools to help
users determine when they are interacting with a trusted site. Ye et
al. [37] and Dhamija and Tygar [4] have developed prototype
“trusted paths” for the Mozilla web browser that are designed to
assist users in verifying that their browser has made a secure
connection to a trusted site. Herzberg and Gbara have developed
TrustBar, a browser add-on that uses logos and warnings to help
users distinguish trusted and untrusted web sites [15]. Other tools,
such as PassPet and WebWallet, try to engage users by requiring
them to interact actively with the tool before giving out sensitive
information [34], [35], [38]. However, even these solutions
ultimately rely on the user’s ability to make the right decision. In
addition, these approaches require either end-users, web servers,
or both to install special software. In contrast, our training method
only relies on teaching people what cues to look for in existing
web browsers.
2.1.3 Anti-phishing education
Despite claims by security and usability experts that user
education about security does not work [9], there is evidence that
well designed user security education can be effective [22]. Web-
based training materials, contextual training, and embedded
training have all been shown to improve users’ ability to avoid
phishing attacks.
A number of organizations have developed online training
materials to educate users about phishing [8],[11]. In a previous
study, we tested the effectiveness of some of these online
materials and found that, while these materials could be improved,
they are surprisingly effective when users actually read them [21].
Several studies have adopted a contextual training approach in
which users are sent simulated phishing emails by the
experimenters to test users’ vulnerability to phishing attacks. At
the end of the study, users are given materials that inform them
about phishing attacks. This approach has been used in studies
involving Indiana University students [16], West Point cadets
[12], and New York State employees [30]. In the New York State
study, employees who were sent the simulated phishing emails
and follow-up notification were better able to avoid subsequent
phishing attacks than those who were given a pamphlet containing
information on how to combat phishing.
3. A related approach, called embedded training, teaches users about
phishing during their regular use of email. In a previous
laboratory experiment to evaluate our prototype embedded
training system, we asked our participants to role play and
respond to the messages in an email inbox that included two
training emails designed to look like phishing emails. If a
participant clicked on a link in a training email, we immediately
presented an intervention designed to train them not to fall for
phishing attacks. We created several intervention designs based
on learning sciences, and found that our interventions were more
effective than standard security notices that companies email to
their customers [22].
We designed our anti-phishing game to complement the
embedded training approach, which trains people while they are
performing their primary task (checking email). If users are
interested in devoting some additional time to learning more
about phishing, they can play the Anti-Phishing Phil game. The
embedded training approach trains users to identify phishing
emails, while the game teaches users to identify phishing web
sites. The game emphasizes that phishing web sites often can be
identified by looking at their URLs, and teaches users about the
various parts of a URL. This training may also help users analyze
URLs in suspicious email messages.
3. DESIGN OF ANTI-PHISHING PHIL
In this section we present: the objectives of the game; learning
science principles that we applied in designing the game; the
story, mechanics, and technology of the game; and results from
some of the pilot studies that we conducted, as we iterated on the
game design.
We used an iterative design process to develop the game. Our
early iterations made use of paper and Flash prototypes to explore
various design alternatives. After a great deal of play-testing and
feedback from our research group, both on the content of the
game (what to teach) and the game design itself (presentation), we
developed a working prototype that we tested with actual users.
We then iterated on the design several more times based on user
feedback and behavior, focusing on improving the game
mechanics and messages. Finally, we created a more polished
look and feel using attractive images and enticing sounds.
3.1 Game Design Principles
In this section, we present the objectives for the game and the
learning science principles that we applied in implementing these
objectives.
Our objective in developing the anti-phishing game was to teach
users three things: (1) how to identify phishing URLs, (2) where
to look for cues for trustworthy or untrustworthy sites in web
browsers, and (3) how to use search engines to find legitimate
sites. We believe that search engines can be an effective tool in
identifying phishing web sites. For example, users can search for a
brand name in a search engine and see whether the link that
appears in the top search results is the same as a potentially
suspicious link received in an email. By far, the top search engine
results are legitimate web sites [40].
To achieve the above-mentioned objectives, we applied several
learning science principles to the game design. Learning sciences
theory suggests that training will be effective if the training
methodology is goal-oriented, challenging, contextual, and
interactive [31]. In goal-oriented training, learners have a specific
goal to achieve and in the process of achieving the goal they are
challenged and trained. Training is most effective if the materials
are presented in a context users can relate to, and if the materials
are presented in an interactive form. There also exists a large body
of literature on the effectiveness of games for interactively
teaching conceptual and procedural knowledge [13]. Conceptual
knowledge is knowledge about concepts or relationships that can
be expressed as propositions (e.g., URLs have a protocol part and
a domain name part). In contrast, procedural knowledge (also
referred as declarative knowledge) is the step-by-step knowledge
that one uses to solve a given problem (e.g., check the URL in the
address bar, and if it contains an IP addresses, you are likely
visiting a phishing site) [2]. The Anti-Phishing Phil game conveys
both conceptual and procedural knowledge. Research in learning
science has established that interactive environments, in particular
games, are one of the most effective training methods and are
highly motivational for users, especially when they adhere to
design principles for educational games [13], [31], [32]. We
applied three learning science principles to the design of the Anti-
Phishing Phil game: reflection, story-based agent, and
conceptual–procedural.
Reflection principle. Reflection is the process by which learners
are made to stop and think about what they are learning. Studies
have shown that learning increases if educational games include
opportunities for learners to reflect on the new knowledge they
have learned [6]. This principle is employed in our anti-phishing
game by displaying, at the end of each round, a list of web sites
that appeared in that round and whether the user correctly or
incorrectly identified each one (as shown in Figure 2). This helps
users reflect on the knowledge gained from the round they just
completed.
Story-based agent environment principle. Agents are characters
that help in guiding learners through the learning process. These
characters can be represented visually or verbally and can be
cartoon-like or real-life characters. The story-based agent
environment principle states that using agents as part of story-
based content enhances learning. We applied this principle in the
game by having the user control a young fish named Phil, who has
to learn anti-phishing skills to survive. People learn from stories
because stories organize events in a meaningful framework and
tend to stimulate the cognitive process of the reader [20], [25].
Studies have demonstrated that students in story-based agent
conditions perform better in learning than in non-story-based
agent conditions [24], [28].
Conceptual–Procedural principle. This principle states that
conceptual knowledge and procedural knowledge influence one
another in mutually supportive ways and build in an iterative
process [19]. In the first version of our game, we taught users
specific procedural tips such as “URLs with numbers in the front
are generally scams,” or “a company name followed by a hyphen
is generally a scam.” We did not teach any conceptual knowledge
in the game. Users were able to remember the procedural tips, but
without a full conceptual understanding of URLs. Hence, some
users applied the lessons learned from the game incorrectly. For
example, some users misapplied the rule about IP addresses and
thought www4.usbank.com was a phishing site because the URL
contained the number 4. Other users misapplied the rule
“company name followed by hyphen usually means it is a scam”
to web-da.us.citibank.com (a legitimate site). In the most recent
4. version of our game, we added conceptual knowledge of URLs,
explaining the different parts of an URL and which parts are the
most important.
We also applied this principle by providing information about
how to search for a brand or domain and how to decide which of
the search results are legitimate (procedural knowledge) after
mentioning that search engines are a good method to identify
phishing web sites (conceptual knowledge). In this way, we
present conceptual and procedural knowledge iteratively.
3.2 Game Description
Here, we describe our game in three parts: story, mechanics, and
technology.
3.2.1 Story
The main character of the game is Phil, a young fish living in the
Interweb Bay. Phil wants to eat worms so he can grow up to be a
big fish, but has to be careful of phishers that try to trick him with
fake worms (representing phishing attacks). Each worm is
associated with a URL, and Phil’s job is to eat all the real worms
(which have URLs of legitimate web sites) and reject all the bait
(which have phishing URLs) before running out of time. The
other character is Phil’s father, who is an experienced fish in the
sea. He occasionally helps Phil out by giving Phil some tips on
how to identify bad worms (and hence, phishing web sites).
3.2.2 Mechanics
The game is split into four rounds, each of which is two minutes
long. In each round, Phil is presented with eight worms, each of
which carries a URL that is shown when Phil moves near it (see
Figure 1). The player uses a mouse to move Phil around the
screen. The player uses designated keys to “eat” the real worms
and “reject” the bait. Phil is rewarded with 100 points if he
correctly eats a good worm or correctly rejects a bad one. He is
slightly penalized for rejecting a good worm (false positive) by
losing 10 seconds off the clock for that round. He is severely
penalized if he eats a bad worm and is caught by phishers (false
negative), losing one of his three lives. We developed this scoring
scheme to match the real-world consequences of falling for
phishing attacks, in that correctly identifying real and fake web
sites is the best outcome, a false positive the second best, and a
false negative the worst. The consequences of Phil’s actions are
summarized in Table 2.
Table 2: This table shows the scoring scheme and
consequences of the user’s actions (through Phil)
Good worm Phishing worm
Phil Eats Correct, gains 100
points
False negative, gets
phished and loses life
Phil Rejects False positive, loses
10 seconds
Correct, gains 100
points
There are four rounds in the game, each one harder than the
previous and focusing on a different type of deceptive URL. Table
1 shows the focus of each round. Our implementation selects eight
URLs from a pool of twenty for each round, including 12 URLs
consistent with the round’s focus. The eight URLs illustrate
concepts from other rounds to maintain continuity between
rounds.
To make the game more engaging and challenging, Phil has to
avoid enemy fish while moving around the screen. If Phil comes
in contact with an enemy, it eats him and he loses a life. Early
versions of the game included several fast-moving enemies in
each round. However, we found that players became distracted by
the enemies and had trouble learning. We reduced the number of
enemies to one and made them slower so that they did not
interfere with learning in later versions of the game.
Players have to correctly recognize at least six out of eight URLs
within two minutes to move on to the next round. As long as they
still have lives, they can repeat a round until they are able to
recognize at least six URLs correctly. If a player loses all three
lives the game is over. The game includes brief tutorials before
each round and end of round summary, as shown in Figure 3.
3.2.3 Technology
The game is implemented in Flash 8. The content for the game,
including URLs and training messages, are loaded from a separate
data file at the start of the game. This provides us with a great deal
of flexibility and makes it easy to quickly update the content. In
each round of the game, four good worms and four phishing
worms are randomly selected from the twenty URLs in the data
file for that round. We also use sound and graphics to engage the
user better. This includes sound effects to provide feedback on
actions, background music, and underwater background scenes.
Table 1: Focus of each round of the game with examples
Round# Focus Examples Bumper Sticker Message
1
IP address
URLS
http://147.46.236.55/PayPal/login.html “Don't trust URLs with all numbers in
the front”
2 Sub domain
URLs
http://secure-signin.ebay.com.ttps.us/
“Don't be fooled by the word
ebay.com in there, this site belongs to
ttps.us.”
3 Similar and
deceptive
domains
http://www.msn-verify.com/
http://www.ebay-accept.com/login.php
“A company name followed by a
hyphen usually means it is a scam site”
“Companies don't use security related
keywords in their domains”
4 All previous
methods
together
eBay sites combining all of above.
5. 3.3 Training Messages
In this section, we discuss details about the training messages that
were shown to the users, and the presentation of these training
messages.
3.3.1 What to teach
Our main focus is to teach users how to identify phishing URLs,
where to look for cues in web browsers, and how to use search
engines to find legitimate sites.
To teach users to distinguish phishing URLs from legitimate ones,
we first sampled a representative list of phishing URLs from the
millersmiles.co.uk phishing archive [27], and organized them into
three categories: IP-based phishing URLs, long URLs (with sub-
domains), and similar and deceptive domains. Next we designed
training messages for each type of URL. We iterated on these
messages using the philosophy that they should be messages one
could place on a bumper sticker on a car. For example, for IP-
based phishing URLs, we teach “Don’t trust URLs with all
numbers in the front.” Table 1 shows a list of bumper sticker
messages in the game. To teach users where to look for cues in the
browsers, we created a tip that highlighted the browser’s address
bar. To teach users how to use search engines to find legitimate
sites, we originally used help messages from Phil’s father during
the game play. However, as will be discussed in the next section,
we found that this was not very effective, so we used a tutorial in
between rounds instead.
3.3.2 Where to teach them
Training messages are embedded in the following places in the
game: (1) feedback during the game, (2) help messages from
Phil’s Father during the game, (3) end of the round score sheets,
and (4) anti-phishing tips in between rounds.
Feedback during the game: When Phil eats a good URL or
rejects a phishing one, we provide some visual feedback such as
“yummy” and “got ya” to tell Phil that he got it right. When he
eats a phishing URL, he gets phished and is drawn upward by a
fishing line and hook. At this point, Phil’s father provides a short
tip explaining why the URL is a phishing URL.
Messages from Phil’s Father’s: Phil can also ask his father for
help at any time (by pressing T in the game). His father will
provide hints as to what to look for to differentiate good worms
from bad ones. Phil’s father will also occasionally use a “search
engine” and tell Phil the results of the search based on the URL.
This is to show Phil how to use a search engine properly to
determine the legitimate domain name for a company. This also
provides the information players need to determine whether to eat
or reject a worm, even if they do not know what the legitimate
domain name is for a particular company. In pilot tests of the
game, we found that not many users used this option, suggesting
that this may not be the most effective way to deliver training.
End of round score sheets: We provide players with an
opportunity to reflect on what they learned at the end of each
round with a score sheet, as shown in Figure 2. This screen
reviews the URLs used in that round, indicates whether or not the
player identified each URL correctly, and displays a tip that
explains how to figure out whether the URL is legitimate. In our
pilot and user study, we found that people often spent a great deal
of time on this screen looking over the things they missed. This
applies the reflection principle described in Section 3.1.
In-between round tutorials: In previous iterations of the game,
we focused solely on teaching people how to discriminate
between legitimate and phishing URLs. However, we observed
that people needed more scaffolding to help them understand
issues like what to look for in the web browser, and how
specifically they could use search engines to find real sites. In our
current iteration, we added several short tutorials between each
round to teach them these kinds of topics. This applies
conceptual-procedural principle described in Section 3.1.
3.4 Pilot Test
We pilot tested our game with eight users recruited by posting
flyers around the Carnegie Mellon University campus. We tested
our participants’ ability to identify phishing web sites from a set
of real and phishing web sites before and after playing the game.
The study is a think aloud study where participants talked about
strategies they use. The results were encouraging, but highlighted
some areas where the game needed improvements.
We found that the game was somewhat effective at teaching users
to look at the URL in their browser’s address bar when evaluating
a web site. Users looked at the address bar when evaluating 14%
of the web sites before playing the game and 41% of the web sites
after playing the game. The false negative rate decreased from
31% to 17% after users played the game. However, the false
positive rate increased from 37% to 48%, in part due to users
misinterpreting the URLs they examined.
We observed that users learned some of the URL-related concepts
we tried to teach, but not all of them. For example, most users
seemed to understand that URLs that have all numbers in the front
are usually a sign of scam. However, many users could not
properly parse a long URL and did not seem to understand that
the most important part of the URL is the right hand side of the
domain name. This led them to mis-identify
wellsfargo.com.wfcnet.net as a legitimate site and scgi.ebay.com
and onlineast1.bankofamerica.com as phishing sites.
Figure 2: “Round over” screen. This screen reviews the
URLs shown in the round with an indication as to which
ones the player identified correctly. The screen also shows a
tip to figure out whether the URL is legitimate. This helps
provide an opportunity for self-reflection.
6. We also observed that some users applied the lessons learned
from the game incorrectly. For example, some users misapplied
the rule about IP addresses (in Table 1) and thought
www4.usbank.com was a phishing site because the URL contained
the number 4. Other users misapplied the rule “company name
followed by hyphen usually means it is a scam” to web-
da.us.citibank.com.
Finally, many participants used wrong strategies to determine the
web site legitimacy. For example, one common strategy consisted
of checking whether the web site was designed professionally.
However, this is not a useful strategy as many phishing sites are
exact replicas of professionally designed legitimate sites.
Although participants adopted this technique less frequently after
the game, some of them still employed a variant of this strategy
while using a search engine: they compared the two sites’ design
(logos, colors) and the exact match of the URL to determine the
legitimacy. We believe this is due to users not knowing exactly
what to look for to determine web site legitimacy when they use
search engines. To summarize, from the pilot test we observed
that it is insufficient to teach users how to look for in the URL.
We modified our game according to the lessons learned from the
pilot testing.
3.5 Modified Game
We realized that the initial version of the game focused almost
entirely on procedural knowledge. However, some conceptual
knowledge about the parts of a URL might have helped users
avoid some of the mistakes they made. We added animated
messages in between each round of the game to address some of
the problems we observed in the pilot study. These messages
teach users about the parts of URLs, how to use a search engine to
check a suspicious URL, and common tricks used by scam web
sites. We designed these messages in a story-like format, in which
Phil’s father teaches him about URLs at home before he can
explore Interweb Bay on his own. Table 3 presents the summary
of the training messages that were provided to the user in between
rounds, and Figure 4 gives a screenshot of one of the training
messages.
4. EVALUATION METHODOLOGY
In this section, we describe the methodology we used to test the
game for its effectiveness in training users.
Table 3: List of training messages in between rounds; these information helped users to perform better and connect these
information with the information presented when they were playing the game
In Between Round Tip
# of
printed
pages Concepts How to do it?
Tip 1: Don’t forget
about the URL.
1
- Highlight and point to the address bar in the
browser.
Tip 2: The Middle part
of the URL tells you the
name of the site.
5
- Highlight the different parts of the URL (Prefix,
address and file name).
- Look at the text between the http:// and
the first /.The text before the first / (this
might be with a .com or .org) is the
main domain name.
Tip 3: When in doubt,
use a search engine!
6
- A search engine is a useful tool to check the
legitimacy of a web site.
- Type the domain name or the
organization name into Google search
engine. The top result is usually
legitimate website.
Tip 4: Know the
enemies’ tricks!
1
- Scammers register domains similar to real sites.
- They copy logos and contents from real sites to
draw you attention.
- They request sensitive information.
- They point all links to real sites to deceive you.
- Design and logos can be spoofed. Links
in the fraudulent website might take to
legitimate website.
Figure 3: Flow of the game: from left to right: the general lessons, the game, and the score. In the game section users played the
game and learned about the URL. In the score sheet, they got reflect on what they learned, finally the messages teach further tips.
7. 4.1 Study design
We based the design of our user study on Dhamija et al.’s study,
trying to recreate their experiment as much as possible (however,
the original materials for Dhamija’s study have been lost) [5].
Participants were given the following scenario: “You have
received an email message that asks you to click on one of its
links. Imagine that you have clicked on the link to see if it is a
legitimate web site or a spoofed web site.” We then presented
participants with ten web sites and asked them to state whether a
web site was legitimate or phishing, and to tell us how confident
they were in their judgments (on a scale of 1 to 5, where 1 means
not confident at all, and 5 means very confident). After evaluating
the ten URLs, participants were given fifteen minutes to complete
an anti-phishing training task. Finally, participants were shown
ten more web sites to evaluate. After finishing this evaluation,
participants were asked to complete an exit survey.
We selected twenty web sites (shown in Table 5) to test our
participants’ ability to identify phishing web sites before and after
training. Ten of the sites we selected were phishing sites from
popular brands. The other ten were legitimate web sites from
popular financial institutions and online merchants, as well as
random web sites. We divided the twenty web sites into two
groups (A and B), with five phishing sites and five legitimate sites
in each group. We randomized the order in which the two groups
of URLs were presented so that half the participants saw group A
first, and half saw group B first. We hosted the phishing web sites
on the local computer by modifying the host DNS file. Thus, our
participants were not actually at risk and we were able to show
them phishing sites even after they had been taken down.
We told participants that they could use any means to determine a
web sites’ legitimacy other than calling the company. We also let
participants use a separate web browser if they wanted, without
prompting them about how or why this might be useful. Some
participants used this other web browser to access a search engine
to help determine whether a web site was legitimate or not. We
used Camtasia Studio [3] to record our participants’ computer
screens and spoken comments.
We used a between-subjects experimental design to test three
training conditions:
• Existing training material condition: In this condition,
participants were asked to spend fifteen minutes reading
eBay’s tutorial on spoofed emails [8], Microsoft’s Security
tutorial on Phishing [26], the Phishing E-card from the U.S.
Federal Trade Commission [10], and a URL tutorial from the
MySecureCyberspace portal [29]. We reused the training
material condition from our previous study as a control group
[21].
• Tutorial condition: In this condition, participants were asked
to spend up to fifteen minutes reading an anti-phishing tutorial
we created based on the Anti-Phishing Phil game. We include
this condition to test the effectiveness of the training messages
separate from the game. The tutorial included printouts of all
of the between-round training messages. It also included lists
of the URLs used in the game with explanations about which
were legitimate and which were phishing, similar to the
game’s end-of-round screens. The 17-page tutorial was
printed in color. We designed the tutorial to resemble the
game as closely as possible.
• Game condition: In this condition, participants played the
Anti-Phishing Phil game for fifteen minutes.
This study was conducted in two phases, separated by five
months. For the existing training materials condition, we used
data collected during a previous study in September 2006 that
measured participants’ improvements after reading existing
training materials, as compared with a control group that spent
fifteen minutes playing solitaire [21]. For the tutorial and game
conditions participants were recruited in February 2007 and
randomly assigned to these groups. The same procedures were
used in September and February for recruiting, screening, and
conducting the experiments, although it is possible that the five
month delay between the two phases of the experiment introduced
some selection bias..
Figure 4: An example training message in between rounds.
In this message, Phil’s father (left) teaches Phil (right) how to
identify different parts of a URL and which parts are
important.
Table 4: Participant demographics in each condition
Existing
Training
Material
Tutorial
Group
Game
Group
Gender
Male 29% 36% 50%
Female 71% 64% 50%
Age
18-34 93% 100% 100%
>34 7% 0% 0%
Education
High School 14% 7% 7%
College Undergrad 50% 78% 50%
College graduate 14% 7% 21%
Post. Graduate school 21% 7% 21%
Years on the Internet
3- 5 years 23% 23% 14%
6-10 years 69% 70% 78%
> 11 years 8% 7% 7%
8. 4.2 Participant Recruitment and
Demographics
In this section, we present the process that we used in recruiting
participants for the study; we also describe the demographics of
the participants.
We recruited fourteen people for each condition via flyers posted
around campus, and with recruitment email on university bulletin
boards, and on craigslist.com. We screened participants with
respect to their knowledge of computers in general, aiming to
recruit only participants who could be considered “non-experts.”
We recruited users who answered “no” to two or more of the
following screening questions: 1) whether they had ever changed
preferences or settings in their web browser, 2) whether they had
ever created a web page, and 3) whether they had ever helped
someone fix a computer problem. These questions have served as
good filters to recruit non-experts in other phishing-related studies
[7], [22]. A summary of demographics is shown in Table 4.
5. RESULTS
In this section, we present the results from the user study. We
found that participants in the game condition performed better
than the other two conditions in correctly identifying the web
sites. We also found that there was no significant difference in
false negatives among the three groups. However, the participants
in the game group performed better overall than the other two
groups.
In this section we present results regarding the correlation
between demographics and susceptibility to phishing, user
performance, user confidence rating, user feedback, and places
where game can be improved.
5.1 Correlation between Demographics and
Susceptibility to Phishing
We found no significant correlation between the participants’
performance (measured by total correctnesss) and gender (rho = -
0.2, n = 42, p = 0.19), age (spearman rho = 0.008, n = 42, p =
0.96), education (spearman rho = 0.06, n = 42, p = 0.708), race
(spearman rho = 0.13, n = 42, p = 0.406), number of hours spent
online per week (rho = -0.10, n = 42, p =0.588). Other studies
have also found no correlation between these demographics and
susceptibility to phishing [4], [6]. The score is positively
correlated with years on the Internet (rho = 0.341, n = 42, p =
0.031).
5.2 User Performance
We measured the effectiveness of user training by examining false
positives and false negatives as well as the total percentage of
correct sites identified before and after the test. A false positive is
when a legitimate site is mistakenly judged as a phishing site. A
false negative is when a phishing site is incorrectly judged to be a
legitimate site.
Our game condition performed best overall. It performed roughly
as well as the existing training material condition in terms of false
negatives, and better on false positives. The tutorial condition also
performed better than the existing training material in terms of
false positives and total correctness. However, these latter results
were not statistically significant.
Post test false negative rates in all three groups decreased
significantly from the pre test values. For the existing training
0.43
0.34
0.12
0.19 0.17
0.38
0
0.1
0.2
0.3
0.4
0.5
Existing training
materials
Tutorial Game
False
Negative
Rate
pre test
post test
Figure 5: False negative rates. N = 14 in all conditions. The
existing training material performed best on false negatives.
However, the difference is not statistically significant.
0.30
0.27
0.30
0.41
0.21
0.14
0
0.1
0.2
0.3
0.4
0.5
Existing training
material
Tutorial Game
False
Positive
Rate
pre test
post test
Figure 6: False Positive Rate. N = 14 in all conditions. The
false positives increased in the existing materials condition,
and decreased in both the tutorial and game condition, with
the game condition showing the highest reduction.
0.66 0.65
0.69
0.74
0.80
0.87
0.5
0.6
0.7
0.8
0.9
1
Existing training
material
Tutorial Game
Total
Correctness
pre test
post test
Figure 7: Total correctness for the test groups. N = 14 in all
conditions. The game condition shows the greatest
improvements.
materials condition, the false negative rate fell from 0.38 to 0.12
(paired t-test: µ1=0.38, µ2=0.12, p = 0.01); for the tutorial
condition, it changed from 0.43 to 0.19 (paired t-test: µ1=0.43,
µ2=0.19, p < 0.03); for the game condition, it changed from 0.34
to 0.17 (paired t-test: µ1=0.34, µ2=0.17, p <0.02). There is no
statistical difference between the three groups in either the pre test
(oneway ANOVA, F(2,41)=0.52, p=0.60), or post test (oneway
ANOVA, F(2,41)=0.81, p=0.45). These results are shown in
Figure 5.
Post test false positive rates decreased significantly in the game
condition (paired t-test: µ1=0.30, µ2=0.14, p < 0.03). The one-
way ANOVA revealed that false positive rates differed
significantly in the post test (F(2, 41) = 4.64, p < .02). The Tukey
post-hoc test revealed that the game condition has significantly
lower false positives than the existing training materials. No other
9. specific post-hoc contrasts were significant. The results are shown
in Figure 6.
Combining false positive and false negatives we derived a
measure for the total correctness. We found in the post test that
the game condition performed better than the existing training
material condition (2 sample t test, p<0.02). We did not find the
tutorial condition improvement to be significant over the existing
training material condition; however, this is likely due to our
small sample size. These results are shown in Figure 7.
5.3 User Confidence Rating
Users became more confident about their judgments after the
game or the tutorial conditions. We did not observe the existing
training material improving user confidence in a statistically
significant way.
The average user confidence rating in the game condition
increased from 3.72 (variance = 0.09) to 4.42 (variance = 0.10).
This change is statistical significant (paired t –test, p < 0.001). In
contrast, user confidence in the existing training material
condition did not improve in a statistically significant way: the
average confidence rating was 4.18 pre test (variance = 0.18) and
4.32 post test (variance = 0.15).
5.4 User Feedback
In the post test, we asked participants to measure on a 5- point
Likert scale how much they felt they had learnt and how important
was the information they learnt. Ninety-three percent of the users
either agreed or strongly agreed that they had learned a lot (u =
4.21, std = 0.58), and 100% of them agreed or strongly agreed
that they had learned a lot of important information (u = 4.36
std=0.50). On a five point scale, we also asked them to rate the
educational and fun levels of the game. Ninety-three percent of
the user felt the educational value of the game was very good or
excellent (u=4.28, var = 0.61). Fifty percent of the users
considered the fun level of the game as very good or excellent (u
= 3.7 var = 0.78).
We asked similar questions about educational value and fun level
in the existing training material condition. Ninety-three percent of
the users also felt the educational value of the existing training
material was very good or excellent (u=4.28 var = 0.59), where as
only twenty-nine percent of the users considered the fun level of
the existing training materials to be very good or excellent (u =
2.8 var = 1.36).
5.5 Where the Game is Failing
We found that users in the game group and the tutorial group
Table 5: Percentage of total correct answers for the training group before and after the game
Website
Real /
Spoof
Description
Pre Game
% Correct
(average
confidence)
Post Game
%correct
(average
confidence)
Paypal Real Paypal login page 83 (4.6) 100 (4.7)
Bank of
America
Real Bank of America home page; URL: onlineast.bankofamerica.com 66 (3.5) 100 (4.3)
Wellsfargo
bank
Spoof
Faked Wellsfargo home page; layered information request; sub domain
deception with URL online.wellsfargo.wfosec.net
83 (3.6) 87 (4.5)
Citibank Real Citibank login Page; URL: web-da.us.citibank.com 83 (3.6) 75 (4.5)
Barclays Spoof Faked Barclays login page; layered information request; IP address URL 83 (4.2) 100 (4.7)
AOL Spoof AOL account update, deceptive domain myaol.com 100 (3.3) 75 (3.4)
Etrade Real Etrade home page 100 (4.0) 100 (4.3)
PNC Bank Spoof
Bank account update; pop-up window over the real PNC Bank web site;
security lock; requesting credit card number
66 (4.0) 50 (5.0)
eBay Real eBay register page; requesting lots of information 66 (4.2) 62 (4.0)
Halifax Bank Spoof Halifax bank login page; deceptive domain halifax-cnline.co.uk. 83 (2.8) 100 (4.5)
Card Financials
Online
Real
Card Financial Online (part of MBNA); domain name has nothing to do
with MBNA.
50 (3.5) 66 (4.5)
Citicards Spoof Citicard account update; lock on the page; requesting a lot of information 50 (4.0) 100 (4.6)
Chase online Real Online banking login page; URL: chaseonline.chase.com 100 (4.2) 100 (4.1)
Desjardins Real Account login page; unfamiliar foreign bank 50 (3.0) 83 (3.8)
Royal Bank of
Canada
Spoof
Sign in online banking page; layered information request; URL has no
resemblance with the bank.
37 (4.0) 100 (4.1)
Chase Student Real Primitive looking page with few graphics and links 37 (3.0) 66 (3.7)
HSBC Spoof Internet banking login page; layered information request; IP address URL 50 (4.0) 100 (5.0)
US Bank Real Online banking login page; URL: www4.usbank.com 75 (3.5) 100 (4.6)
eBay Spoof Faked eBay login page; IP address URL 75 (3.8) 100 (5.0)
PayPal Spoof
Fake URL bar displaying the real Paypal URL; not requesting much
information
50 (3.2) 0 (4.0)
10. performed worse when examining two websites. The first website
is a fake address bar attack, where we showed users a Paypal
website with the address bar spoofed. Six of the users in the game
condition were unable to identify this attack in the post test,
whereas only three users in the existing training material
condition fell for it. We hypothesize that users are more prone to
this kind of attacks because, after the training, they look
specifically for clues in the URL, and if the clues confirm their
belief, they do not look further. (Luckily, current browsers now
address this kind of vulnerability.)
Two users also fell for the “similar domain attack” after the game
condition, in which we showed them myaol.com for account
updates. This is an easy attack to identify if users notice the large
amount of information requested, because of this reason, none of
the users fall for it in the pre test. This problem highlights two
lessons: first, some users still have problems with phishing
domains that are similar to the real ones; second, they tend to look
less for other clues other than the URL, and if the URL does not
raise suspicion, they do not look further.
6. Effect of Training: Learning versus
Increasing Alertness
In this section we describe how we make use of Signal Detection
Theory (SDT) [1], [23] to gain insights into whether the game
educated users about detecting phishing websites or increased
their alertness.. SDT is a means to quantify the ability to discern
between signal (phishing websites in this case) and noise
(legitimate websites in this case). To gain this insight, we use two
measures: sensitivity (d’) and criterion (C). Sensitivity is defined
as how hard or easy it is to detect if that target stimulus is present
from a background event. In the case of our user study, we define
sensitivity to be the ability to distinguish phishing websites
(signal) from legitimate websites (noise), which is the distance
between the mean of signal and noise distributions. The larger the
parameter d’, the better is the user at separating the signal from
the noise. Criterion is defined as the tendency of the users while
making a decision. Figure 8 shows that the criterion line divides
the graph into four sections that correspond to: true positives, true
negatives, false positives and false negatives.
We believe that, when presented with the training, a user may
shift the decision criterion (C) to the left, to be more cautious.
This might lead to fewer false negatives at the expense of false
positives. Alternatively a user may learn to distinguish the
phishing websites better, in which case there will be an increase in
d’.
We calculated C and d’ for the participants in our user study,
Table 5 presents the results. We found that in the existing training
material condition, the sensitivity increases from 0.81 in pre test
to 1.43 in post test. This increase is marginally significant (p =
0.1). We also found that users became cautious after the training,
as the d’ changes from 0.03 in pre test to -0.51 in post test (p
<0.05). This result (users becoming more cautious) was also
shown by Jackson et. al [17]. In contrast to the existing training
material condition, the sensitivity increased from 0.93 to d’_post
= 2.02 (p<0.05) in the game condition. Also, the decision
criterion did not change significantly (C_pre = 0.06, C_post =
0.06) in the game condition. This shows that the improvement in
the performance is due to learned ability to better distinguish
phishing websites and real websites.
Figure 8: Illustration of Signal Detection Theory (SDT) in our
application. We treat legitimate sites as “non signal,” and
phishing sites as “signal.” The sensitivity (d’) measures users’
ability to discern signal from noise. Criterion (C) measures
users’ decision tendency. The effects of training could be to a)
make the user shift the decision Criterion and thus increasing
alertness; b) make users increase sensitivity, separating the
two distributions better and thus improving people’s ability to
distinguish between phishing and legitimate sites; or c) a
combination of both.
Table 6: Results from the Signal Detection Theory analysis.
This shows that users had a greater sensitivity with Anti-
Phishing Phil, meaning that they were better able to
distinguish between phishing and legitimate sites.
Consequently, users were able to make better decisions in the
game condition compared to the users becoming conservative
in the other condition.
Sensitivity (d’) Criterion (C)
Pre
test
Post
test Delta
Pre
test
Post
test Delta
Existing
training
materials
0.81 1.43 0.62 0.03 -0.51 -0.54
**
Anti-
phishing
Phil
0.93 2.02 1.09
**
0.06 0.06 0
** p < 0.05
7. CONCLUSIONS AND FUTURE WORK
In this paper, we presented the design and evaluation of Anti-
Phishing Phil, a game that teaches users not to fall for phishing
attacks. Our objective in developing the anti-phishing game was
to teach users three things: (1) how to identify phishing URLs, (2)
where to look for cues in web browsers, and (3) how to use search
engines to find legitimate sites. In particular, the game teaches
users about identifying three types of phishing URL’s: IP based
URLs, sub domain, and deceptive.
11. We conducted a user study in which we compared the
effectiveness of the game with existing online training materials
and a tutorial we created based on the game. We found that
participants who played the game performed better at identifying
phishing websites than participants who completed the two other
types of training. Using signal detection theory, we also showed
that while existing online training materials increase awareness
about phishing (which can help people avoid attacks), our game
also makes users more knowledgeable about techniques they can
use to identify phishing web sites.
Our results show that interactive games can be a promising way of
teaching people about strategies to avoid falling for phishing
attacks. Our results suggest that applying learning science
principles to training materials can stimulate effective learning.
Finally, our results strongly suggest that educating users about
security can be a reality rather than just a myth [14].
8. ACKNOWLEDGMENTS
This work was supported in part by National Science Foundation
under grant CCF-0524189, and by the Army Research Office
grant number DAAD19-02-1-0389. The authors would like to
thank all members of the Supporting Trust Decisions project for
their feedback. The authors would also like to thank Chiapi Chao,
and Kursat Ozenc for their feedback throughout the game
development process, and Bing Wu for first suggesting the idea of
signal detection analysis.
9. REFERENCES
[1] Abdi, H. (2007). Signal detection theory. In: Salkind, N.J.
(Ed.), Encyclopedia of Measurement and Statistics.
Thousand Oaks (CA), Sage.
[2] Anderson, J. R. Rules of the Mind. Lawrence Erlbaum
Associates, Inc., 1993.
[3] Camtasia Studio. Retrieved Nov 9, 2006.
http://www.techsmith.com/camtasia.asp.
[4] Dhamija, R. and J. D. Tygar. 2005. The battle against
phishing: Dynamic Security Skins. In Proceedings of the
2005 Symposium on Usable Privacy and Security
(Pittsburgh, Pennsylvania, July 06 - 08, 2005). SOUPS '05,
vol. 93. ACM Press, New York, NY, 77-88. DOI=
http://doi.acm.org/10.1145/1073001.1073009.
[5] Dhamija, R., J. D. Tygar. and M. Hearst. 2006. Why
phishing works. In Proceedings of the SIGCHI Conference
on Human Factors in Computing Systems (Montréal,
Québec, Canada, April 22 - 27, 2006). R. Grinter, T.
Rodden, P. Aoki, E. Cutrell, R. Jeffries, and G. Olson, Eds.
CHI '06. ACM Press, New York, NY, 581-590. DOI=
http://doi.acm.org/10.1145/1124772.1124861.
[6] Donovan, M. S., Bransford, J. D., & Pellegrino, J.W. 1999.
How people learn: Bridging research and practice.
Washington, D.C.: National Academy Press.
[7] Downs, J., M. Holbrook and L. Cranor. 2006. Decision
strategies and susceptibility to phishing. In Proceedings of
the Second Symposium on Usable Privacy and Security
(Pittsburgh, Pennsylvania, July 12 - 14, 2006). SOUPS '06,
vol. 149. ACM Press, New York, NY, 79-90. DOI=
http://doi.acm.org/10.1145/1143120.1143131.
[8] eBay. Spoof Email Tutorial. Retrieved March 7, 2006,
http://pages.ebay.com/education/spooftutorial/.
[9] Evers, J. Security Expert: User education is pointless.
Retrieved, Jan 13, 2007, http://news.com.com/2100-7350_3-
6125213.html.
[10] Federal Trade Commission. An E-Card for You game.
Retrieved Nov 7, 2006,
http://www.ftc.gov/bcp/conline/ecards/phishing/index.html.
[11] Federal Trade Commission. How Not to Get Hooked by a
Phishing Scam. Retrieved Nov 7, 2006,
http://www.ftc.gov/bcp/edu/pubs/consumer/alerts/alt127.htm.
[12] Ferguson, A. J. 2005. Fostering E-Mail Security Awareness:
The West Point Carronade. EDUCASE Quarterly. 2005, 1.
Retrieved March 22, 2006,
http://www.educause.edu/ir/library/pdf/eqm0517.pdf.
[13] Gee, J. P. What Video Games Have to Teach Us About
Learning and Literacy. Palgrave Macmillan, Hampshire,
England, 2003.
[14] Gorling, S. 2006. The myth of user education. In
Proceedings of the 16th Virus Bulletin International
Conference.
[15] Herzberg, A., and Gbara, A. 2004. TrustBar: Protecting
(even Naïve) Web Users from Spoofing and Phishing
Attacks. Cryptology ePrint Archive, Report 2004/155.
http://eprint.iacr.org/2004/155.
[16] Jagatic, T.,N. Johnson, M. Jakobsson and F. Menczer. Social
Phishing. To appear in Communications of the ACM.
Retrieved March 7, 2006,
http://www.indiana.edu/~phishing/social-network-
experiment/phishing-preprint.pdf.
[17] Jakobsson, M., and Myers, S., Eds. Phishing and
Countermeasures: Understanding the Increasing Problem of
Electronic Identity Theft. Wiley-Interscience, 2006.
[18] James, L. 2005. Phishing Exposed. Syngress, Canada.
[19] Johnson, B. R., and Koedinger, K. R. 2002. Comparing
instructional strategies for integrating conceptual and
procedural knowledge. In Proceedings of the Annual
Meeting [of the] North American Chapter of the
International Group for the Psychology of Mathematics
Education, vol. 1–4, pp. 969–978.
[20] Klein, G. Sources of power : How people make decisions?
The MIT Press Cambridge, Massachusetts The MIT Press,
Cambridge, Massachusetts, London, England, February
1999.
[21] Kumaraguru, P., Sheng, S., Acquisti, A., Cranor, L. F., and
Hong, J. 2007. Teaching Johnny not to fall for phish. Tech.
rep., Carnegie Mellon University.
http://www.cylab.cmu.edu/files/ cmucylab07003.pdf.
[22] Kumaraguru, P., Y. Rhee, A. Acquisti, L. Cranor, J. Hong
and E. Nunge. 2007. Protecting People from Phishing: The
Design and Evaluation of an Embedded Training Email
System. In Proceedings of the 2007 Computer Human
Interaction, CHI 2007.
[23] Macmillan, N.A., Creelman, C.D. 2005. Detection theory:
user’s guide (2nd edition).Mahwah (NJ): Erlbaum.
12. [24] Maldonado, H., Lee, J.-E. R., Brave, S., Nass, C., Nakajima,
H., Yamada, R., Iwamura, K., and Morishima, Y. 2005. We
learn better together: enhancing elearning with emotional
characters. In CSCL ’05: Proceedings of the 2005 conference
on Computer support for collaborative learning,
International Society of the Learning Sciences, pp. 408–417.
[25] Mayer, R. E. Multimedia Learning. New York Cambridge
University Press, 2001.
[26] Microsoft. Recognizing phishing scams and fraudulent
emails. Retrieved Oct 15, 2006.
http://www.microsoft.com/athome/security/email/phishing.m
spx.
[27] MillerSmiles.co.uk phishing archive. Retrieved April 15,
2006. http://www.millersmiles.co.uk/
[28] Moreno, R., Mayer, R. E., Spires, H. A., and Lester, J. C.
2001. The case for social agency in computer-based
teaching: Do students learn more deeply when they interact
with animated pedagogical agents? Cognition and
Instruction 19, 2, 177 – 213.
[29] MySecureCyberspace. Uniform Resource Locator (IRL).
Retrieved Oct 15, 2006.
http://www.mysecurecyberspace.com/encyclopedia/index/uni
form-resource-locator-url-.html.
[30] New York State Office of Cyber Security & Critical
Infrastructure Coordination. Gone Phishing… A Briefing on
the Anti-Phishing Exercise Initiative for New York State
Government. Aggregate Exercise Results for public release.
[31] Quinn, C. N. 2005. Engaging Learning: Designing e-
Learning Simulation Games. Pfeiffer.
[32] Repenning, A., and Lewis, C. Playing a game: The ecology
of designing, building and testing games as educational
activities. In ED-Media, World Conference on Educational
Multimedia, Hypermedia & Telecommunications (2005),
Association for the Advancement of Computing in
Education.
[33] Schneier, B. 2000. Semantic Attacks: The Third Wave of
Network Attacks. Crypto-Gram Newsletter. Retrieved Sep 2,
2006, http://www.schneier.com/crypto-gram-0010.html#1.
[34] Wu, M. Fighting Phishing at the User Interface. 2006. MIT
PhD. thesis.
http://groups.csail.mit.edu/uid/projects/phishing/minwu-
thesis.pdf.
[35] Wu, M., Miller R. C. and Little, G. 2006. Web Wallet:
Preventing Phishing Attacks By Revealing User Intentions.
In Proceedings of the Second Symposium on Usable Privacy
and Security (Pittsburgh, Pennsylvania, July 12 - 14, 2006).
SOUPS '06, vol. 149. ACM Press, New York, NY, 79-90.
DOI= http://doi.acm.org/10.1145/1143120.1143133.
[36] Wu, M., Miller, R. C., and Garfinkel, S. L. 2006. Do security
toolbars actually prevent phishing attacks?. In Proceedings
of the SIGCHI Conference on Human Factors in Computing
Systems (Montréal, Québec, Canada, April 22 - 27, 2006). R.
Grinter, T. Rodden, P. Aoki, E. Cutrell, R. Jeffries, and G.
Olson, Eds. CHI '06. ACM Press, New York, NY, 601-610.
DOI= http://doi.acm.org/10.1145/1124772.1124863
[37] Ye, Z. and S. Smith. 2002. Trusted Paths for Browsers. In
Proceedings of the 11th USENIX Security Symposium. pp.
263 - 279. USENIX Association. Berkeley, CA, USA.
[38] Yee, K. P. and Sitaker K. 2006. PassPet: Convenient
Password Management And Phishing Protection. In
Proceedings of the Second Symposium on Usable Privacy
and Security (Pittsburgh, Pennsylvania, July 12 - 14, 2006).
SOUPS '06, vol. 149. ACM Press, New York, NY, 79-90.
DOI= http://doi.acm.org/10.1145/1143120.1143126.
[39] Zhang, Y., S. Egelman, L. Cranor, and J. Hong. 2007.
Phinding Phish: Evaluating Anti-Phishing Tools. In
Proceedings of the 14th Annual Network and Distributed
System Security Symposium (NDSS 2007), San Diego, CA,
28 February -2 March, 2007.
[40] Zhang, Y., J. Hong., and L. Cranor, and 2007. CANTINA: a
Content-Based Approach to Detecting Phishing Websites. In
Proceedings of the 16th International World Wide Web
Conference (WWW2007), Banff, Alberta, Canada, May 8-12,
2007