• DocumentCode
    1958223
  • Title

    Fighting Phishing with Trusted Email

  • Author

    Crain, Jordan ; Opyrchal, Lukasz ; Prakash, Atul

  • Author_Institution
    Miami Univ., Oxford, OH, USA
  • fYear
    2010
  • fDate
    15-18 Feb. 2010
  • Firstpage
    462
  • Lastpage
    467
  • Abstract
    Phishing is the combination of social engineering and technical exploits designed to convince a victim to provide personal information, usually for the monetary gain of the attacker (phisher). Attempts to stop phishing by preventing a user from interacting with a malicious web site have shown to be ineffective. We introduce a method to aid in the prevention of phishing by combining automatic and transparent email signing with an email client plugin. The plugin can detect unsigned spoofed messages. In this manner, the user is prevented (or at least discouraged) from visiting malicious web sites, thus stopping the data-gathering phase of the phishing attack before it begins. We describe the system, implementation, weaknesses, and our ongoing user experiments.
  • Keywords
    computer crime; data privacy; unsolicited e-mail; email client plugin; phishing; social engineering; technical exploits; trusted email; Availability; Design engineering; Electronic mail; Information security; Internet; Privacy; Reliability engineering; State estimation; Target recognition; Viruses (medical); email; phishing; privacy; spam;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Availability, Reliability, and Security, 2010. ARES '10 International Conference on
  • Conference_Location
    Krakow
  • Print_ISBN
    978-1-4244-5879-0
  • Type

    conf

  • DOI
    10.1109/ARES.2010.98
  • Filename
    5438053
    • Link To Document
    https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=1958223