Phishing for Answers Tim Martin, PhD Capella University March 27, 2009.

9
Phishing for Phishing for Answers Answers Tim Martin, PhD Tim Martin, PhD Capella University Capella University March 27, 2009 March 27, 2009

Transcript of Phishing for Answers Tim Martin, PhD Capella University March 27, 2009.

Page 1: Phishing for Answers Tim Martin, PhD Capella University March 27, 2009.

Phishing for AnswersPhishing for Answers

Tim Martin, PhDTim Martin, PhD

Capella UniversityCapella University

March 27, 2009March 27, 2009

Page 2: Phishing for Answers Tim Martin, PhD Capella University March 27, 2009.

OverviewOverview

Research SummaryResearch Summary

ResultsResults

FindingsFindings

ImplicationsImplications

Future StudiesFuture Studies

ReferencesReferences

QuestionsQuestions

Page 3: Phishing for Answers Tim Martin, PhD Capella University March 27, 2009.

Research SummaryResearch Summary

Demographic SurveyDemographic Survey

Pre and Post TestsPre and Post Tests

Page 4: Phishing for Answers Tim Martin, PhD Capella University March 27, 2009.

ResultsResults

153 Participants (141 usable)153 Participants (141 usable)

Younger Participants More VariedYounger Participants More Varied

Female Scores More VariedFemale Scores More Varied

2 Perfect Scores2 Perfect Scores

Page 5: Phishing for Answers Tim Martin, PhD Capella University March 27, 2009.

FindingsFindings

No Variable SignificantNo Variable Significant

Multiple FactorsMultiple Factors

Perfect Score UncommonPerfect Score Uncommon

Page 6: Phishing for Answers Tim Martin, PhD Capella University March 27, 2009.

ImplicationsImplications

Education/Training not Single SolutionEducation/Training not Single Solution

Go Beyond the “What”Go Beyond the “What”

Page 7: Phishing for Answers Tim Martin, PhD Capella University March 27, 2009.

Future StudiesFuture Studies

Address the Why (qualitative)Address the Why (qualitative)

Explore Vishing, SmishingExplore Vishing, Smishing

Explore Impact of Social EngineeringExplore Impact of Social Engineering

Page 8: Phishing for Answers Tim Martin, PhD Capella University March 27, 2009.

ReferencesReferencesAnti-Phishing Working Group Anti-Phishing Working Group www.antiphishing.org/newswire.htmlwww.antiphishing.org/newswire.html

Boulware, Folsom and Guillory StudyBoulware, Folsom and Guillory Studyhttp://mooreschool.sc.edu/moore/research/Publications/BandE/bande52/52n1/technology.htmlhttp://mooreschool.sc.edu/moore/research/Publications/BandE/bande52/52n1/technology.html

Federal Trade CommissionFederal Trade Commissionwww.ftc.gov/bcp/edu/pubs/consumer/alerts/alt127.htmwww.ftc.gov/bcp/edu/pubs/consumer/alerts/alt127.htm

Government Online Information SiteGovernment Online Information Siteonguardonline.gov/index.htmlonguardonline.gov/index.html

Intrepidus Group Intrepidus Group http://www.phishme.com/index.htmlhttp://www.phishme.com/index.html

Phishtank Website SitePhishtank Website Sitewww.phishtank.comwww.phishtank.com

Privacy Rights Clearing HousePrivacy Rights Clearing Housewww.privacyrights.org/fs/fs17a.htmwww.privacyrights.org/fs/fs17a.htm

SonicWALL Phishing IQ TestSonicWALL Phishing IQ Testwww.sonicwall.comwww.sonicwall.com

Page 9: Phishing for Answers Tim Martin, PhD Capella University March 27, 2009.

Questions or Comments?Questions or Comments?