Decision strategies and susceptibility to phishing

Authors: Julie S. Downs, Mandy B. Holbrook, Lorrie Faith Cranor

DOI: 10.1145/1143120.1143131

Keywords: Computer security, Perceived vulnerability, Preliminary analysis, Internet privacy, Know-how, Computer science, Phishing, Computer users, Qualitative research, Information sensitivity, Order (business)

Abstract: Phishing emails are semantic attacks that con people into divulging sensitive information using techniques to make the user believe that information is being requested by a legitimate source. In order to develop tools that will be effective in combating these schemes, we first must know how and why people fall for them. This study reports preliminary analysis of interviews with 20 non-expert computer users to reveal their strategies and understand their decisions when encountering possibly suspicious emails. One of the reasons that people may be vulnerable to phishing schemes is that awareness of the risks is not linked to perceived vulnerability or to useful strategies in identifying phishing emails. Rather, our data suggest that people can manage the risks that they are most familiar with, but don't appear to extrapolate to be wary of unfamiliar risks. We explore several strategies that people use, with varying degrees of success, in evaluating emails and in making sense of warnings offered by browsers attempting to help users navigate the web.
