Print
Discuss
Send to friend
RSS feedsUS computer scientists have unveiled an online game designed to teach surfers how to recognise phishing attacks and other web scams.
Designed by a team at Carnegie Mellon University, the game features a fish called 'Phil'.
Tests at the Carnegie Usable Privacy and Security (Cups) Laboratory found that people who spent 15 minutes playing the Anti-Phishing Phil game were better able to identify fraudulent websites than people who spent the same amount of time reading traditional anti-phishing tutorials.
"We believe that education is essential if people are to avoid being ripped-off by phishing attacks and similar online scams," said Cups Lab director Lorrie Cranor.
"Unlike viruses or spyware, phishing attacks do not exploit weaknesses in hardware or software, but take advantage of the way people use computers and their often-limited knowledge of the way computers work."
Steve Sheng, a Ph.D. student in Carnegie Mellon's Engineering and Public Policy Department, and lead developer of Anti-Phishing Phil, added: "We designed the game to teach people how to use web addresses, or URLs, to identify phishing sites. The tactic can also be useful in analysing suspicious email messages."
In addition to Cranor and Sheng, Anti-Phishing Phil developers include Carnegie Mellon faculty members Jason Hong and Alessandro Acquisti, and students Bryant Magnien and Ponnurangam Kumaraguru.
The Cups Lab has also collaborated with Portugal Telecom to develop a Portuguese version of the game called Anti-Phishing Ze.
As part of ongoing field tests, the researchers asked surfers to visit the Anti-Phishing Phil site and click on the 'Play the game!' link. Participants will be asked to take a short quiz, play the game and then take another quiz.
Those who leave their email address and participate in a follow-up quiz a week later will be eligible for a raffle prize of a $100 Amazon gift card.
See also:
Cyber-criminals responsible for 10,000 web page hacks 21 Aug 2007All Hacking
del.icio.us
Digg this
reddit!
