Sunday, July 22, 2007

University Conducts Anti-Phishing Research

An AP newswire article by Ryan Lenz, via Yahoo! News, reports that:

[Indiana University] has conducted nearly a dozen experiments in the last two years. In one, called "Messin' With Texas," researchers learned mothers' maiden names for scores of people in Texas. Maiden names often are used as a security challenge question.

Another conducted in May found that 72 percent of more than 600 students tested on the Bloomington, Ind., campus fell for an e-mail from an account intended to look familiar that sought usernames and passwords.

By contrast, only 18 percent of 350 students in a separate control group were fooled when they received e-mails from addresses they did not recognize.

The experiments found that hackers have the most success by using hijacked Web addresses or e-mail accounts that look real. The research also showed computer users generally have little knowledge of Web site security certificates and leave themselves open to attack with poorly configured routers or operating systems.

More here.

0 Comments:

Post a Comment

<< Home