Fish named Phil helps foil phishers
Last Updated: Wednesday, September 26, 2007 | 12:31 PM ET
CBC News
Related
External Links
- Anti-Phishing Phil
- PAPER: The design and evolution of a game that teaches people not to fall for phish
(Note: CBC does not endorse and is not responsible for the content of external sites - links will open in new window)
Playing an online game beats computer tutorials or written materials in arming people against phishing attacks, Carnegie Mellon University computer scientists have determined.
The scientists tested an online game they developed, Anti-Phishing Phil, against a tutorial they created based on the game and existing online materials.
After 15-minute tests, "We found that participants who played the game were better able to identify fraudulent websites, compared to the participants in other conditions," the researchers reported in a paper presented at an online security symposium in July.
"We designed the game to teach people how to use web addresses, or URLs, to identify phishing websites," said Steve Sheng, a Carnegie PhD student and lead developer of the game, a project of the university's Usable Privacy and Security Laboratory.
Other computer scams, like viruses or spyware, are based on a weakness in the computer's hardware or software. But phishing attacks "take advantage of the way people use their computers and their often-limited knowledge of the way computers work," said Lorrie Cranor, Carnegie professor and director of the lab.
The game stars a little fish named Phil who helps users identify phishing URLs, look for cues in web browsers and use search engines to find legitimate sites.
The lab's user studies concluded that education can protect people from falling for phishing attacks, the scientists said.
But "it is hard to get users to read security tutorials, and many of the available online training materials make users aware of the phishing threat but do not provide them with enough information to protect themselves."
The researchers want to expand their tests by asking visitors to go to their website and play the game.
Phishing is a computer-based scam that tries to trick people into revealing personal, bank or credit-card information. Phishing often involves e-mails that appear legitimate, such as a request from a bank to confirm account information by sending details of the account.
If consumers do, the scammers will try to use the information to break into the consumer's account.
Share Tools
Top News Headlines
- Adele wins best album, best record Grammys
- Adele capped off a "life-changing" year by winning six Grammys Sunday night, including record of the year and album of the year for 21 more »
- Hit and run victim's family fears accused will walk
- The family of a young mother killed in a hit and run is outraged that the case against the alleged driver is among thousands in B.C. at risk of being thrown out because of a huge court backlog. more »
- CBC launches digital music service
- CBC is diving into the world of online music with the goal of providing listeners access to their favourite tunes and a way to discover new artists and connect with fellow music fans. more »
- Whitney Houston death shows no signs of trauma
- Whitney Houston's life of glorious song and unnerving self-destruction apparently ended on Grammy weekend, but it could be weeks before investigators know exactly why she died. more »
Latest Technology & Science News Headlines
- CBC launches digital music service
- CBC is diving into the world of online music with the goal of providing listeners access to their favourite tunes and a way to discover new artists and connect with fellow music fans. more »
- Video game's 50th anniversary marked by MIT
- Students at MIT celebrated the 50th anniversary of Spacewar!, the first videogame in history, by re-creating it on a computer the size of a business card. more »
- NASA to scale back Mars exploration
- Scientists say NASA is about to propose major cuts in its exploration of other planets, especially Mars, with the space agency's former science chief calling the plan irrational. more »
- Create-your-own-app product to launch in Moncton
- A Moncton entrepreneur is hoping to revolutionize the way mobile applications are created by launching a new product that allows people to develop their own app within minutes. more »
Bob McDonald's Blog
Glacier Discovery Walk: Will the visitor centre enhance the view? Feb. 10, 2012 3:17 PM Environment minister Peter Kent has announced the construction of a new Glacier Discovery Walk and visitor centre on the Icefields Parkway in Jasper National Park. It raises the issue of how to balance commercial development in our National Parks against the preservation of the last refuges of wilderness.
Quirks & Quarks
- February 11: Inside the Mind of a Neandertal Feb. 10, 2012 4:01 PM Can we get inside the mind of a species that's been dead for 30,000 years? A new book, How to Think Like a Neanderthal, suggests we can. The authors reconstruct a creature like us in many ways, but with important differences.
Latest Features
- Adele wins best album, best record Grammys
- Whitney Houston autopsy results withheld
- Hit and run victim's family fears accused will walk
- Quebec town 'heartbroken' after killing of woman, sisters
- Pop queen Whitney Houston dies at 48
- Manitoba man dies after falling off moving SUV
- 2 vehicles sink on river highway
- Doors blocked in fatal Manitoba trailer blaze
- Greece passes new austerity deal amid rioting
