Kirlappos, I;
Sasse, MA;
(2012)
Security Education against Phishing: A Modest Proposal for a Major Rethink.
IEEE Security and Privacy Magazine
, 10
(2)
24 - 32.
10.1109/MSP.2011.179.
![[thumbnail of Kirlappos_Security_2012.pdf]](https://discovery.ucl.ac.uk/style/images/fileicons/application_pdf.png) Preview |
PDF
Kirlappos_Security_2012.pdf Download (345kB) |
Abstract
User education must focus on challenging and correcting the misconceptions that guide current user behavior. To date, user education on phishing has tried to persuade them to check URLs and a number of other indicators, with limited success. The authors evaluate a novel antiphishing tool in a realistic setting—participants had to buy tickets under time pressure and lost money if they bought from bad sites. Although none of the participants bought from sites the tool clearly identified as bad, 40 percent risked money with sites flagged as potentially risky, but offering bargains. When tempted by a good deal, participants didn't focus on the warnings; rather, they looked for signs they thought confirmed a site's trustworthiness.
| Type: | Article |
|---|---|
| Title: | Security Education against Phishing: A Modest Proposal for a Major Rethink |
| Open access status: | An open access version is available from UCL Discovery |
| DOI: | 10.1109/MSP.2011.179 |
| Publisher version: | http://dx.doi.org/10.1109/MSP.2011.179 |
| Language: | English |
| Additional information: | © IEEE Computer Society 2011 |
| Keywords: | Security, Electronic Commerce, Computers and Society, Management of computing and information systems |
| UCL classification: | UCL UCL > Provost and Vice Provost Offices > UCL BEAMS UCL > Provost and Vice Provost Offices > UCL BEAMS > Faculty of Engineering Science UCL > Provost and Vice Provost Offices > UCL BEAMS > Faculty of Engineering Science > Dept of Computer Science |
| URI: | https://discovery.ucl.ac.uk/id/eprint/1353958 |
Archive Staff Only
 |
View Item |
