Australian Information Warfare and Security Conference
Document Type
Conference Proceeding
Publisher
School of Computer and Information Science, Edith Cowan University, Perth, Western Australia
Abstract
Social engineering is a significant problem involving technical and nontechnical ploys in order to acquire information from unsuspecting users. This paper presents an assessment of user awareness of such methods in the form of email phishing attacks. Our experiment used a webbased survey, which presented a mix of 20 legitimate and illegitimate emails, and asked participants to classify them and explain the rationale for their decisions. This assessment shows that the 179 participants were 36% successful in identifying legitimate emails, versus 45% successful in spotting illegitimate ones. Additionally, in many cases, the participants who identified illegitimate emails correctly could not provide convincing reasons for their selections.
DOI
10.4225/75/57a80e47aa0cb
Comments
7th Australian Information Warfare and Security Conference, Edith Cowan University, Perth Western Australia, 4th - 5th December, 2006.