Slashdot Mirror


Why Phishing Works

h0neyp0t writes "Harvard and Berkeley have released a study that shows why phishing attacks work (pdf). When asked if a phishing site was legit or a spoof, 23% of users use only the content of the website to make the decision! The majority of users ignore the address and SSL indicators in the browser. Some users think that favicons and lock icons in HTML are more important indicators. The paper hints that the proposed IE7 security indicators and multi-colored address bar will also suffer a similar fate. This study is brought to you by the people who developed the security skins Firefox extension."

2 of 293 comments (clear)

  1. Simply because .... by cfortin · · Score: 5, Funny

    People are stupid. Total knuckle biters. Every one of them.

    That is all ...

  2. Re:The Blind Squirrel by $RANDOMLUSER · · Score: 5, Funny

    I've been proposing for a long time that the "Yes/No/Cancel" type dialog boxes should simply be replaced with a single "Whatever" button, as users NEVER read what the dialog box says.

    --
    No folly is more costly than the folly of intolerant idealism. - Winston Churchill