Fake-Website Detection Tools: Identifying Elements that Promote Individuals’ Use and Enhance Their Performance

By successfully exploiting human vulnerabilities, fake websites have emerged as a major source of online fraud. Fake websites continue to inflict exorbitant monetary losses and also have significant ramifications for online security. We explore the process by which salient performance-related elements could increase the reliance on protective tools and, thus, reduce the success rate of fake websites. We develop the theory of detection tool impact (DTI) for this investigation by borrowing and contextualizing the protection motivation theory. Based on the DTI theory, we conceptualize a model to investigate how salient performance and cost-related elements of detection tools could influence users’ perceptions of the tools and threats, efficacy in dealing with threats, and reliance on such tools. The research method was a controlled lab experiment with a novel and extensive experimental design and protocol in two distinct domains: online pharmacies and banks. We found that the detector accuracy and speed, reflecting in response efficacy as perceived by users, form the pivotal coping mechanism in dealing with security threats and are major conduits for transforming salient performance-related elements into increased reliance on the detector. Furthermore, reported reliance on the detector showed a significant impact on the users’ performance in terms of self-protection. Therefore, users’ perceived response efficacy should be used as a critical metric to evaluate the design, assess the performance, and promote the use of fake-website detectors. We also found that cost of detector error had profound impacts on threat perceptions. We discuss the significant theoretical and empirical implications of the findings

Tutorial and Critical Analysis of Phishing Websites Methods

The Internet has become an essential component of our everyday social and financial activities. Internet is not important for individual users only but also for organizations, because organizations that offer online trading can achieve a competitive edge by serving worldwide clients. Internet facilitates reaching customers all over the globe without any market place restrictions and with effective use of e-commerce. As a result, the number of customers who rely on the Internet to perform procurements is increasing dramatically. Hundreds of millions of dollars are transferred through the Internet every day. This amount of money was tempting the fraudsters to carry out their fraudulent operations. Hence, Internet users may be vulnerable to different types of web threats, which may cause financial damages, identity theft, loss of private information, brand reputation damage and loss of customers’ confidence in e-commerce and online banking. Therefore, suitability of the Internet for commercial transactions becomes doubtful. Phishing is considered a form of web threats that is defined as the art of impersonating a website of an honest enterprise aiming to obtain user’s confidential credentials such as usernames, passwords and social security numbers. In this article, the phishing phenomena will be discussed in detail. In addition, we present a survey of the state of the art research on such attack. Moreover, we aim to recognize the up-to-date developments in phishing and its precautionary measures and provide a comprehensive study and evaluation of these researches to realize the gap that is still predominating in this area. This research will mostly focus on the web based phishing detection methods rather than email based detection methods

BlogForever D2.4: Weblog spider prototype and associated methodology

The purpose of this document is to present the evaluation of different solutions for capturing blogs, established methodology and to describe the developed blog spider prototype

Privacy Risks and Security Threats in mHealth apps

mHealth (Mobile Health) applications (apps) have transformed the doctor-patient relationship. They help users with varied functionalities such as monitoring their health, understanding specific health conditions, consulting doctors online and achieving fitness goals. Whilst these apps provide an option of equitable and convenient access to healthcare, a lot of personal and sensitive data about users is collected, stored and shared to achieve these functionalities. Little is known about the privacy and security concerns these apps address. Based on literature review, this paper identifies the privacy risks and security features for evaluating thirty apps in the Medical category across two app distribution platforms in India namely Google Play and App Store. Factors identified through the review formed a basis of the scoring model which helped to arrive at the ‘Privacy Risk Score’ and ‘Safety Score’ for each app. A comparative analysis of the selected apps was performed by studying their privacy policies. The results indicate that adopting these apps pose a risk. Finally, recommendations are provided to consumers such as examining the app before downloading it, customizing the app settings, and to developers to develop robust and transparent privacy policies

TESTING DECEPTION WITH A COMMERCIAL TOOL SIMULATING CYBERSPACE

Deception methods have been applied to the traditional domains of war (air, land, sea, and space). In the newest domain of cyber, deception can be studied to see how it can be best used. Cyberspace operations are an essential warfighting domain within the Department of Defense (DOD). Many training exercises and courses have been developed to aid leadership with planning and to execute cyberspace effects that support operations. However, only a few simulations train cyber operators about how to respond to cyberspace threats. This work tested a commercial product from Soar Technologies (Soar Tech) that simulates conflict in cyberspace. The Cyberspace Course of Action Tool (CCAT) is a decision-support tool that evaluates defensive deception in a wargame simulating a local-area network being attacked. Results showed that defensive deception methods of decoys and bait could be effective in cyberspace. This could help military cyber defenses since their digital infrastructure is threatened daily with cyberattacks.Marine Forces Cyberspace CommandChief Petty Officer, United States NavyChief Petty Officer, United States NavyApproved for public release. Distribution is unlimited

Developing a national strategy for combating counterfeit medicines

Background Counterfeit medicines pose a worldwide problem to governments, pharmaceutical companies and patients, meaning a systemic and comprehensive approach needs to be adopted by medicines regulatory agencies. The UK’s Medicines and Health Regulatory Agency (MHRA) was one of the first national agencies to develop and implement a strategy to combat counterfeit medicines. Exploring this experience from different perspectives provides an opportunity to build knowledge and inform others considering adopting a similar approach. Aims The aim of this research is to describe and investigate the key components in developing an anti-counterfeit medicines strategy in the UK; through describing and examining agency and stakeholder views on its development, implementation and evaluation and the roles of pharmacists and GPs within this. Methods A mixed method qualitative and quantitative research design was used which comprised four separate studies. Two semi-structured interview studies of MHRA and stakeholders participants were undertaken alongside two postal survey studies of community pharmacists and GPs. Findings The significant risk to patients resulting from counterfeit medicines underpinned the decision to develop and implement a national strategy. Stakeholders have an important role in the development of the strategy and in its implementation by securing the supply chain, sharing information, educating others, being vigilant and reporting suspicions. Pharmacists and GPs reported limited experience of counterfeit medicines. Whilst GPs reported receiving no related education or training, pharmacists frequently reported supply practices which did not align with current guidance. Conclusion There was agreement that in order to effectively combat counterfeit medicines a national strategy was required. Stakeholders from the pharmaceutical industry, regulatory bodies, medical and pharmacy professions were seen to have an important role in both its drafting and implementation. Pharmacists and GPs mainly believed that they had a role in combating counterfeit medicines however it was identified that they required better underpinning education and training. The research findings provide a framework of evidence-based guidance for developing an anti-counterfeit medicines strategy