Archive for April, 2005

To tell or not to tell?

Sunday, April 24th, 2005

Many of you are upset because you feel you were not asked for permission beforehand. I understand that this feels strange.

Now, imagine that we did ask you for permission. “Is it ok with you that we spoof an email from a person you trust, in order to make you go to a webpage that could […]

Social Engineering in the Internal Revenue Service

Sunday, April 24th, 2005

[From slashdot (dated 03/16/2005):]

Treasury department auditors recently posed as network technicians and attempted to get IRS employees to reveal their usernames and passwords and/or change the password to one suggested by the “technician”. The result: over one-third shared their passwords. If there is any good news in the story it is that the 35% figure […]

Recent Questions About Prior Consent

Sunday, April 24th, 2005

Most recently, we have received a number of emails and blog postings concerning obtaining consent prior to the experiment. Unfortunately, due to the inherent deception used in the experiment, this was not possible. The Human Subjects Committee granted a waiver of consent for this experiment.

The goal of the study is to raise user awareness […]

A forum for discussion

Sunday, April 24th, 2005

Welcome,

We’ve created this blog to communicate information about our study and also encourage comment/discussion. All blog comments will be made anonymously.

Phishing is a growing threat. The fundamental purpose of this study was to study the effects of more advanced techniques in phishing using context. Receiving a message from a friend (or corroborated […]