Phishing Game Warns Users

Carnegie Mellon University researchers have written an online game to teach about the dangers of phishing.

Scientists at Carnegie Mellon University have developed an online game designed to teach Internet users about the dangers of phishing.

Featuring a cartoon fish named Phil, the game, called Anti-Phishing Phil, has been tested in CMU's Privacy and Security Laboratory. Officials with the lab say users who spent 15 minutes playing the interactive, online game were better able to discern fraudulent Web sites than those who simply read tutorials about the threat.

The game focuses on teaching Internet users how to tell the URL of a fraudulent site from a legitimate one, officials say. It offers tips such as examining URLs for misspellings of popular sites, dissecting a Web address to understand where it's pointing to, and using Google to validate a URL against search results. (This reporter played the game, scoring 8 out of 8 in the first round, 6 out of 8 in the second round, and not enough correct answers in the third round to move up.)

The lab has now decided to open up the game for broader testing. Visitors to the site who click on "play the game" are given a short quiz, play the game, and then take another quiz, officials say. Visitors who submit their e-mail addresses and take a follow-up quiz the next week are entered in a raffle to win a US$100 Amazon.com gift card.

The game was developed to help raise awareness about phishing attacks, in which spam e-mails that appear to come from a legitimate bank or retail organization try to lure the recipient into entering personal or financial information into a fraudulent Web site, where it can be stolen and used in identity theft.

More than viruses and other malware, users run the risk of falling prey to a phishing attack because these scams rely on social engineering and can't be protected against by technology, professors at the lab say.

While security experts argue the effectiveness in educating users to be aware of phishing scams, the Ph.D. student who developed Anti-Phishing Phil, Steve Sheng, this summer presented results of a study showing that training improved Internet users' ability to tell a legitimate Web site from a fraudulent one. According to Sheng's research, users in the study improved their accuracy in spotting fake sites from 69 percent before playing the game to 87 percent after.

This project is part of a larger CMU antiphishing research initiative funded by the National Science Foundation and the Army Research Office.

Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Network World staff

Network World
Comments are now closed.

Latest News Articles

Most Popular Articles

Follow Us

GGG Evaluation Team

Kathy Cassidy

STYLISTIC Q702

First impression on unpacking the Q702 test unit was the solid feel and clean, minimalist styling.

Anthony Grifoni

STYLISTIC Q572

For work use, Microsoft Word and Excel programs pre-installed on the device are adequate for preparing short documents.

Steph Mundell

LIFEBOOK UH574

The Fujitsu LifeBook UH574 allowed for great mobility without being obnoxiously heavy or clunky. Its twelve hours of battery life did not disappoint.

Andrew Mitsi

STYLISTIC Q702

The screen was particularly good. It is bright and visible from most angles, however heat is an issue, particularly around the Windows button on the front, and on the back where the battery housing is located.

Simon Harriott

STYLISTIC Q702

My first impression after unboxing the Q702 is that it is a nice looking unit. Styling is somewhat minimalist but very effective. The tablet part, once detached, has a nice weight, and no buttons or switches are located in awkward or intrusive positions.

Resources

Best Deals on GoodGearGuide

Compare & Save

Deals powered by WhistleOut
WhistleOut

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?