Behavioral response to phishing risk

ACM International Conference Proceeding Series

Volumn 269, Issue , 2007, Pages 37-44

  Downs, Julie S ^a   Holbrook, Mandy ^a   Cranor, Lorrie Faith ^a  

^a CARNEGIE MELLON UNIVERSITY   (United States)

Author keywords

phishing; survey

Indexed keywords

BEHAVIORAL RESPONSE; COMPUTER USERS; INTUITIVE UNDERSTANDING; PHISHING; PHISHING ATTACKS; PILOT SURVEYS; ROLE PLAY; WEB ENVIRONMENT;

ELECTRONIC MAIL; SURVEYS;

SECURITY OF DATA;

EID: 77953906935     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1145/1299015.1299019     Document Type: Conference Paper

References (12)

1. Schneier, B. 2000. Semantic Attacks: The Third Wave of Network Attacks. Crypto-Gram Newsletter. October 15, 2000, http://www.schneier.com/crypto-gram- 0010.html
2. Schechter, S. E., Dhamija, R., Ozment, A., Fischer, I., 2007 The Emperor's New Security Indicators. IEEE Symposium on Security and Privacy, 20-23 May 2007.
3. Dhamija, R., Tygar, J. D., and Hearst, M. 2006. Why phishing works. In Proceedings of the SIGCHI Conference on Human Factors in Computing Systems (Montréal, Québec, Canada, April 22 - 27, 2006). R. Grinter, T. Rodden, P. Aoki, E. Cutrell, R. Jeffries, and G. Olson, Eds. CHI '06. ACM Press, New York, NY, 581-590. DOI=http://doi.acm.org/10.1145/1124772.1124861.
4. Sheng, S., Magnien, B., Kumaraguru, P., Acquisti, A., Cranor, L., Hong, J., and Nunge, E. Anti-Phishing Phil: The Design and Evaluation of a Game That Teaches People Not to Fall for Phish. In Proceedings of the Third Symposium on Usable Privacy and Security, 2007.
5. Kumaraguru, P., Rhee, Y., Acquisti, A., Cranor, L. F., Hong, J., and Nunge, E. 2007. Protecting people from phishing: the design and evaluation of an embedded training email system. In Proceedings of the SIGCHI Conference on Human Factors in Computing Systems (San Jose, California, USA, April 28 - May 03, 2007). CHI '07. ACM Press, New York, NY, 905-914. DOI= http://doi.acm.org/ 10.1145/1240624.1240760
6. Downs, J. S., Holbrook, M. B., and Cranor, L. F. 2006. Decision strategies and susceptibility to phishing. In Proceedings of the Second Symposium on Usable Privacy and Security (Pittsburgh, Pennsylvania, July 12 - 14, 2006). SOUPS '06, vol. 149. ACM Press, New York, NY, 79-90. DOI= http://doi.acm.org/10.1145/1143120.1143131.
7. Jagatic, T., Johnson, N., Jakobsson, M., and Menczer. F. Social Phishing. To appear in Communications of the ACM, October, 2007.
8. Ferguson, A. J. 2005. Fostering E-Mail Security Awareness: The West Point Carronade. EDUCASE Quarterly. 2005, 1. Retrieved March 22, 2006, http://www.educause.edu/ir/library/pdf/eqm0517.pdf.
9. New York State Office of Cyber Security & Critical Infrastructure Coordination. 2005. Gone Phishing... A Briefing on the Anti-Phishing Exercise Initiative for New York State Government. Aggregate Exercise Results for public release.
10. Zhang, Y., S. Egelman, L. Cranor, and J. Hong. 2007. Phinding Phish: Evaluating Anti-Phishing Tools. In Proceedings of the 14th Annual Network and Distributed System Security Symposium (NDSS 2007), San Diego, CA, 28 February -2 March, 2007.
11. Wu, M., Miller, R. C., and Garfinkel, S. L. 2006. Do security toolbars actually prevent phishing attacks?. In Proceedings of the SIGCHI Conference on Human Factors in Computing Systems (Montréal, Québec, Canada, April 22 - 27, 2006). R. Grinter, T. Rodden, P. Aoki, E. Cutrell, R. Jeffries, and G. Olson, Eds. CHI '06. ACM Press, New York, NY, 601-610. DOI= http://doi.acm.org/10.1145/1124772.1124863
12. Fette, I., N. Sadeh and A. Tomasic. Learning to Detect Phishing Emails. June 2006. ISRI Technical report, CMUISRI-06-112 (To be presented at WWW 2007). http://reportsarchive.adm.cs.cmu.edu/anon/isri2006/CMU-ISRI-06-112.pdf