Anti-phishing toolbars efficient
Date: May 05, 2006Source: PC WORLD
The MIT study's scenario went something like this: thirty people were given the role of a personal assistant who had to shop for certain items, based on instructions and URLs sent by their employer via e-mail. Their job was to keep their boss happy and, while they were at it, not let his personal information get stolen. As in the Harvard study I mentioned, they were warned ahead of time that the people running the study would be trying to fool them.
The good news is that the anti-phishing toolbars used in the study worked perfectly, correctly identifying fake sites. The bad news is that the people in the study often ignored the toolbars' warnings. (The really bad news: 20 of the participants were MIT students.) Why ignore them? It turns out that many of the MIT study's findings corroborated those from the Harvard study: faith in snazzy-looking sites, an inability to properly parse URLs, and so on. But the most interesting reasons were the rationalizations users came up with, especially this nugget: one person felt the toolbar's threat assessment was probably inaccurate because her e-mail's spam filter regularly reports false positives.
Original article
Add comment Email to a Friend