Computer Crime Research Center


Phishing gathers symposium

Date: July 03, 2006

Combating a growing number of email phishing attacks will be a major focus of the second annual Symposium on Usable Privacy and Security July 12-14 at Carnegie Mellon University.

Phishing — using email to trick computer users to reveal confidential information — is just one example of how existing security practices are failing to protect the average computer user, said Lorrie Cranor, director of Carnegie Mellon's Usable Privacy and Security Laboratory, which hosts the symposium.

"Basically, when it comes to phishing, most people are clueless," said Cranor, an associate research professor of computer science and engineering and public policy.

In fact, the number one cause of security breaches overall is not technical, but due to human failure. This human failure includes using inadequate or re-used passwords, allowing antivirus services to lapse and surrendering information to seemingly legitimate but untrustworthy Web sites.

The symposium brings together an interdisciplinary group of about 100 researchers and practitioners in human-computer interaction, security and privacy to explore new security methods that are both effective and likely to be used and understood by most people. Phishing will be addressed in a number of research papers presented at the symposium, as well as at a panel discussion including representatives of Microsoft, Google and the University of California, Berkeley. Other topics include alternatives to the current system of passwords and new methods to help users assess whether particular Web sites are trustworthy.

Austin Hill, co-founder of Radialpoint, a Canadian firm that manages security services for Internet providers, will present an invited talk on common problems in security usability from a corporate perspective.

The symposium includes a workshop for researchers on July 12, followed by a poster session on cutting-edge research from 4 to 6 p.m. in the Newell-Simon Hall atrium. Technical papers and discussions will be presented July 13-14 at Carnegie Mellon's Collaborative Innovation Center. Funding for the event is provided by Carnegie Mellon CyLab.

For more information, visit the symposium Web site at
Original article

Add comment  Email to a Friend

Copyright © 2001-2013 Computer Crime Research Center
CCRC logo