bit-tech.net

Phishing attacks on the rise

Phishing attacks on the rise

Anti-Phishing Phil was developed to help educate users on identifying scams.

Scientists at Carnegie Mellon University have developed an educational, online game game in order to help teach users important steps to take to avoid phishing attacks. This comes at a great time since, according to the September 2007 MessageLabs Intelligence report, one in 87.2 emails is a phishing attack.

Using authentic images and email templates and even going as far as including authentic URLs in secondary links, scammers are making it harder for normal users to identify scams. When Monster.com was hacked in late August, scammers used a plethora of personal information gained from the database in order to convince users visit fraudulent websites. Thanks to spam filters, none of the five or so attempted scams managed to actually get to my inbox but many weren't so lucky.

It's because of this that we help try to educate those that need just a little bit of help.

You might remember when we directed you to a little online quiz to see if your scam-busting skills were up to par. The vast majority of you received a perfect or near-perfect score with little trouble at all and you should find yourselves in the same boat this time around. Anti-Phishing Phil sticks strictly to identifying scams by looking at the URL of links embedded in emails.

Anti-Phishing Phil was developed by Ph.D. student Steve Sheng at Carnegie Mellon University and is quite unlike most educational tools out there on the net. Instead of going through a normal type of quiz, users control a fish named Phil who swims through the "Interweb Bay." In order to advance to the next level, users must feed on the correct URL worm of websites while rejecting the spam ones.

While it may not be quit as fun or look as pretty as Halo 3 or BioShock, it does help educate users. According to Shen's research, 87 percent of users were better able to identify false URLs after playing the game compared to 69 percent before. For a web game that's educational, those results are pretty good.

If you want to see if your scam busting skills are up to test or you need a little help to educate a computer-illiterate loved one, then head on over to the Anti-Phishing Phil website. Even if you're bored with nothing to do, this can help waste a couple of minutes. On top of everything else, if you take a short quiz before the test and one a week later, you'll be entered into a raffle for a $100 Amazon gift certificate. Hey, that's a win-win situation there.

Did you find Phil to be useful and plan to pass him on to others? Let us know what you though of the game and what your end results were over in the forums.

4 Comments

Discuss in the forums Reply
leexgx 1st October 2007, 16:47 Quote
this program should work very well for norm users as well
mattthegamer463 1st October 2007, 19:29 Quote
I suck at it, thats all I know. Some are easy when its an obvious IP in the address, but how do I know Citibanking.net is not real? I don't use citibank, how would I know their actual URL is citibank.com?

Its a good concept, but its too childish and tries to simplify rooting out phishing sites to the point that it makes it difficult to do so.
Bladestorm 1st October 2007, 20:14 Quote
I like the idea, most of my few failures came down to not knowing the corporations involved also.
Sim0n 1st October 2007, 22:27 Quote
I suck at it, thats all I know. Some are easy when its an obvious IP in the address, but how do I know Citibanking.net is not real? I don't use citibank, how would I know their actual URL is citibank.com?

If you dont use citybank website, you'd be damn foolish to go logging into it without thinking ? id you DO use citybank, you would know the domain.
Log in

You are not logged in, please login with your forum account below. If you don't already have an account please register to start contributing.



Discuss in the forums