1、Trust and Identity as Defenses Against Phishing and Spoofing,Rick Ells University of Washington,Phishing and Spoofing,Phishing (sometimes called carding or brand spoofing) is a scam where the perpetrator sends out legitimate looking emails in an effort to phish for personal information from the reci
2、pient. Involves social engineering to manipulate the recipient into trusting the message enough to enter private information May link to a Web form duplicating the appearance and functionality of a legitimate Web site,Phishing email example,Date: Wed, 9 Jun 2004 10:34:16 -0500 From: USbank-securijtU
3、sB Reply-To: productu.washington.edu Subject: USB Security Update URGENcsSecurity Key: vnydramifyg .txcwqDear US Bank Customer, During our regular update and verification of the Internet Banking Accounts, We could not verify your current information. Either your information has been Changed or incom
4、plete, as a result your access to use our services has been Limited. Please update your information.To update your account information and start using our services please click on the link below: http: Requests for information will be initiated by US Bank Business Development; this process cannot be
5、 externally requested through customer support.,Phishing Web site example,Virtually identical to legitimate Web site except for possible additional fields and behind the scenes coding changes.,Common advice to users,Disregard messages you do not trust Do not click on links in messages you do not tru
6、st Do not visit Web sites you do not trust,Who do you trust?,How do users evaluate the trustworthiness of an email message or a Web site? What can we do to help them make the right decisions?,Definitions,trust - certainty based on past experience; “he wrote the paper with considerable reliance on th
7、e work of other scientists“; “he put more trust in his own two legs than in the gun“ (Oxford English Dictionary) trust that which is essential to a communication channel but which cannot be transferred from a source to a destination using that channel (Generalized Certification Theory http:/www.mcg.
8、org.br/cie.htm),Qualified Reliance on Information,Trust, as qualified reliance on information, needs multiple, independent channels to be communicated. If we have two entities (e.g., a client and server) talking to one another, we have only one channel of communication. Clearly, we need more than tw
9、o entities. Ed Gerck, Trust as Qualified Information,Prominence-Interpretation Theory,Prominence Involvement Topic Task Experience Individual differences,Interpretation Assumptions Skill/knowledge Context,Credibility Impact,The impact that element has on credibility assessment,What value or meaning
10、people assign to element, good or bad,An elements likelihood of being noticed when people evaluate credibility,B.J. Fogg Prominence-Interpretation Theory: Explaining How People Assess Credibility Online, CHI 2003,Trust Evaluations,Closeness Accuracy Sample size Variance Expertise Deferral (Accredita
11、tion),Trust in Electronic Markets: The convergence of crytographers And economists, by Joseph Beagle Jr., First Monday,Threshold (Group) Individual History Category History Agent is (dis)trusting Agent does (not) give benefit of the doubt,Design and organization,Users trust sites that are well-desig
12、ned and well-organized. Poor navigation is the key element that decreases earned web credibility. Peter Morville, Semantics Studios,Design versus content,Sillence, Briggs, Fishwick, & Harris, Trust and Mistrust of Online Health Sites,Selection of websites,Interviews,30 randomly selected adults 15 em
13、ail and Web site examples 5 real 10 phishing Methodology Pre-test structured interview Talk-aloud protocol Initial impressions Description Trust or not trust decision Post-test structured interview,Results,High rate of discrimination of generic phishing messages Language anomalies Misspellings Role
14、confusion Arrival context (when, relative to other events) Features they had been warning about (attachments, links within the message) Low rate of discrimination of duplicated Web sites Limited skill at interpreting URLs Recognized inappropriate fields Asked how page was reached Had expectations of
15、 what was appropriate and what was not Remarkable capacity for evaluating trustworthiness, if they have something to go on,Discussion,Diminishing vulnerability of your clients Quality of content Branding and unique-ing Interaction design Safe methodologies Applied consistently User education,Quality
16、 of content,No misspellings Correct grammar Succinct, to-the-point text Clear role definition Consistent voice Useful, appropriate information,Branding and unique-ing,Consistency of branding across your sites Logos Naming of services, offices Language Minor unique style elements C&C, Computing & Com
17、munications Centering, dashed lines, ascii-art Signatures,Interaction design,Establish rigid interaction rules Never request identity information (userIDs, passwords, account numbers, etc.) by email Never ask for password information by phone or email Never ask for billing or payment information thr
18、ough email Use secure servers for all private information entry Address messages with recipients name Do not put links in your email messages, only provide the URL Limit the number of transactional Web sites Send confirming email messages for transactions Follow your own interaction rules Variance r
19、educes trust,User education,Offer safe behavior guidelines Keep your computer OS, anti-virus program, and anti-spyware program up to date. Never click on a link in an email message. Copy the URL instead. Never enter your identity information (password, SSN, etc.) in an email message. Only a segment
20、of your users will notice Still worth reaching them, they are the communicators and mavens.,Technical defenses,Spam filtering Fast response to reports of phishing sites mimicking your pages and services Report it Anti-Phishing Workgroup reportphishingantiphishing.org FTC uceftc.gov Centralize manage
21、ment of phishing events,Summary,Quality content, branding, and unique-ing help fight generic phishing They also set you up for mimicry Interaction design helps minimize risk and build a context workflow users can use to evaluate trustworthiness You need to follow your own interaction rules User educ
22、ation helps users share the responsibility Only a segment of your audience will notice,References,Peter Morville, Semantics Studios - http:/ Ed Gerck Trust as Qualified Reliance on Information - http:/ Beagle, Joseph, Jr. Trust in Electronic Markets: The convergence of cryptographers and economists
23、http:/www.firstmonday.dk/issues/issue2/markets/ Sillence, Briggs, Fishwick, & Harris, Trust and Mistrust of Online Health Sites CHI 2004 - http:/portal.acm.org/citation.cfm?id=985776 Anti-Phishing Working Group http:/www.antiphishing.org/ Phishing Attack Trends Report http:/www.antiphishing.org/APWG_Phishing_Attack_Report-Apr2004.pdf The MailFrontier Phishing IQ Test - http:/