|COOKIES: By using this website you agree that we can place Google Analytics Cookies on your device for performance monitoring.|
Phishing tips and techniques: tackle, rigging, and how and when to phish
If you have a question about this talk, please contact Saar Drimer.
Note unusual time of talk in addition to our regularly scheduled one
Despite the crypto wars having mostly ended some years ago, we don’t seem to be any better off now that good crypto is widely available. The reason for this is that attackers are exploiting the weakest link in the interface and doing an end-run around the crypto. This talk looks at the technical and psychological backgrounds behind why phishing works, and how this can be exploited to make phishing attacks more effective. To date, apart from the occasional use of psychology grads by 419 scammers, no-one has really looked at the wetware mechanisms that make phishing successful. Security technology doesn’t help here, with poorly-designed user interfaces playing right into the phishers hands.
After covering the psychological nuts and bolts of how users think and make decisions, the talk goes into specific examples of user behaviour clashing with security user interface design, and how this could be exploited by attackers to bypass security speedbumps that might be triggered by phishing attacks. Depending on your point of view, this is either a somewhat hair-raising cookbook for more effective phishing techniques, or a warning about how these types of attacks work and what needs to be defended against.
Peter Gutmann’s webpage: http://www.cs.auckland.ac.nz/~pgut001/
This talk is part of the Computer Laboratory Security Seminar series.
This talk is included in these lists:
Note that ex-directory lists are not shown.
Other listsResistance in Russia and Eastern Europe Disease Ontologies and Information (EBI, Hinxton, 19th June 2008) Digitization of History Project: Centre for History and Economics, King's College
Other talksBiological and bio-inspired locomotion at small scales - MECHANICS COLLOQUIUM Images of Care and Dying with Profs Jane Maher, Bill Noble & Emma Wilson Living Root Bridge Ecosystems of India Putting wireless signal security in a system security context Self-assembly of jammed heterogeneous colloidal shells by combining electrohydrodynamics and dielectrophoresis Can we use PTP to detect network congestion?