Link of the week - Anti-Phishing Phil |
||
|
||
Want to learn how to better recognize and avoid email "phishing" and other Internet scams? Play Anti-Phishing Phil. Carnegie Mellon University computer scientists have developed an interactive, online game in which fishy Phil helps people identify fraudulent Web sites. Phishing attacks attempt to trick people into revealing personal information or bank or credit card account information. In addition to spoof emails and counterfeit Web sites, some attacks even mimic parts of a user's own Web browser. "We believe education is essential if people are to avoid being ripped off by these phishing attacks and similar online scams," said Lorrie Cranor, associate research professor in the School of Computer Science's Institute for Software Research. "Unlike viruses or spyware, phishing attacks don't exploit weaknesses in a computer's hardware or software, but take advantage of the way people use their computers and their often-limited knowledge of the way computers work." Security experts disagree about whether user education is effective in reducing vulnerability to increasingly sophisticated phishing attacks. The game format of Anti-Phishing Phil has proved particularly effective, improving the users' accuracy from 69 percent prior to training to 87 percent after playing the game. A Portuguese version of the game, called Anti-Phishing Ze, is also available. |