Tuesday, November 27, 2007

Anti-Phishing Phil

A post on the Security Catalyst forums directed me to this little gem:

Anti-Phishing Phil is an interactive game that teaches users how to identify phishing URLs, where to look for cues in web browsers, and how to use search engines to find legitimate sites.

Our user studies have found that user education can help prevent people from falling for phishing attacks. However, it is hard to get users to read security tutorials, and many of the available online training materials make users aware of the phishing threat but do not provide them with enough information to protect themselves. Our studies demonstrate that Anti-Phishing Phil is an effective approach to user education.
Source: http://cups.cs.cmu.edu/antiphishing_phil/.
Although a little US-Centric (is bankoflouisiana.com a real bank?), definitely very useful as an awareness and training tool.
Well done!

No comments:

Post a Comment

Please share your view and opinions on what I wrote. In order to maintain quality, all comments will be moderated for merit. Contributions that call me out on statements that appear unfounded, wrong, or simply with which you disagree are highly appreciated and are even encouraged. Spam and 'me too' answers will be ignored.