Archive for the 'Phishing Attacks Using Social Networks' Category

To tell or not to tell?

Sunday, April 24th, 2005

Many of you are upset because you feel you were not asked for perminssion beforehand. I understand that this feels strange.

Now, imagine that we did ask you for permission. “Is it ok with you that we spoof an email from a person you trust, in order to make you go to a webpage that could […]

Recent Questions About Prior Consent

Sunday, April 24th, 2005

Most recently we have received a number of emails and blog postings concerning obtaining consent prior to the experiment. Unfortunately due to the inherent deception used in the experiment, this was not possible. The Human Subjects Committee granted a waiver of consent for this experiment.

The goal of the study is to raise user awareness […]

A forum for discussion

Sunday, April 24th, 2005


We’ve created this blog to communicate information about our study and also encourage comment/discussion. All blog comments will be made anonymously.

Phishing is a growing threat. The fundamental purpose of this study was to study the effects of more advanced techniques in phishing using context. Receiving a message from a friend (or corroborated […]