| | |
Summary: A DESIGN FOR AN ANTI-SPEAR-PHISHING SYSTEM AYCOCK
290 VIRUS BULLETIN CONFERENCE SEPTEMBER 2007
A DESIGN FOR AN
ANTI-SPEAR-PHISHING SYSTEM
John Aycock
Department of Computer Science, University of
Calgary, Calgary, Alberta, Canada
Email aycock@cpsc.ucalgary.ca
ABSTRACT
Phishing is a widespread and effective computer-mediated
social attack. Phishers have proven highly adaptable in terms
of exploiting new communications channels witness
`vishing' and `SMiShing' and are becoming increasingly
sophisticated. At the same time, research has shown that
current anti-phishing measures are less than adequate.
One concern in terms of malicious software is targeted attacks;
the phishing equivalent is `spear phishing', where a phishing
attack is directed at a specific organization or even individuals.
Spear phishing may present users with some difficult decisions
regarding the authenticity of messages. We propose a design
|
