CBCnews
Story Tools: EMAIL | PRINT | Text Size: S M L XL | REPORT TYPO | SEND YOUR FEEDBACK | Bookmark and Share

Fish named Phil helps foil phishers

Last Updated: Wednesday, September 26, 2007 | 12:31 PM ET

CBC News

Playing an online game beats computer tutorials or written materials in arming people against phishing attacks, Carnegie Mellon University computer scientists have determined.

The scientists tested an online game they developed, Anti-Phishing Phil, against a tutorial they created based on the game and existing online materials.

After 15-minute tests, "We found that participants who played the game were better able to identify fraudulent websites, compared to the participants in other conditions," the researchers reported in a paper presented at an online security symposium in July.

"We designed the game to teach people how to use web addresses, or URLs, to identify phishing websites," said Steve Sheng, a Carnegie PhD student and lead developer of the game, a project of the university's Usable Privacy and Security Laboratory.

Other computer scams, like viruses or spyware, are based on a weakness in the computer's hardware or software. But phishing attacks "take advantage of the way people use their computers and their often-limited knowledge of the way computers work," said Lorrie Cranor, Carnegie professor and director of the lab.

The game stars a little fish named Phil who helps users identify phishing URLs, look for cues in web browsers and use search engines to find legitimate sites.

The lab's user studies concluded that education can protect people from falling for phishing attacks, the scientists said.

But "it is hard to get users to read security tutorials, and many of the available online training materials make users aware of the phishing threat but do not provide them with enough information to protect themselves."

The researchers want to expand their tests by asking visitors to go to their website and play the game.

Phishing is a computer-based scam that tries to trick people into revealing personal, bank or credit-card information. Phishing often involves e-mails that appear legitimate, such as a request from a bank to confirm account information by sending details of the account.

If consumers do, the scammers will try to use the information to break into the consumer's account.

  • This story is now closed to commenting.
Story Tools: EMAIL | PRINT | Text Size: S M L XL | REPORT TYPO | SEND YOUR FEEDBACK | Bookmark and Share
 

Related

Technology & Science Headlines

Bell quietly drops system access fee
The cellphone system access fee is all but extinct. Bell Canada has quietly axed the charge, joining rivals Rogers and Telus.
Beam sent around Large Hadron Collider
The operators of the Large Hadron Collider have successfully sent a beam of particles around the ring of the world's largest particle collider in Switzerland.
Asian carp close to Great Lakes
U.S. officials say the despised Asian carp may have breached an electronic barrier designed to prevent it from invading the Great Lakes.
Billy Bragg, NDP push for new law on music downloads
British folk singer Billy Bragg teamed up with Canadian songwriters and the NDP to advocate for copyright reform and a new approach to music downloads while on tour in Ottawa Friday.
Cigarette butts toxic to fish, say researchers
U.S. researchers say cigarette butts are toxic to fish and should be labeled as toxic hazardous waste.

Technology Features

BRIGHT IDEASHome sweet solar home
Students build solar-powered houses for U.S. competition
THE IDEAS GUYRichard Handler
New thinking about children, some anti-advice
QUIRKS & QUARKSBob McDonald
Energy-efficient homes: Small changes, big gains
Q&A Mayer-Schonberger
Society must teach digital systems to forget, author says
MILITARY MATTERSRobert Smol
Now is not the time to gut our armed forces
SMART SHIFTWeekly Think Tank
Can governments get smarter, leaner and faster?
More Features

Top CBCNews.ca Headlines

Headlines

Ottawa will stay course on stimulus: Flaherty Video
Rather than turning off the stimulus taps or pouring more fuel on the economic fire, Ottawa will stand pat with the $61 billion in stimulus spending announced in January, Finance Minister Jim Flaherty says.
Flood forces Vancouver Island evacuations Video
Dozens of homes have water "up to the doorknobs" and others are under evacuation alert after heavy rain combined with high tides to flood low-lying parts of Duncan, B.C., an hour's drive north of Victoria.
Colvin's job safe despite Afghan torture testimony Video
The Conservatives will not try to remove Richard Colvin from his post in Washington, Defence Minister Peter MacKay says, even though they question the credibility of his testimony on Afghan prisoners.
UN human rights committee votes to censure Iran Video
A United Nations committee has approved a Canadian-led resolution urging Iran to stop harassing political opponents in the wake of its disputed presidential elections.
1 in 10 Americans deliquent in paying mortgage Video
New statistics indicate one in 10 American homeowners is now delinquent by at least one mortgage payment and one in seven is now either delinquent or in foreclosure.