Experimental Case Studies for Investigating E-Banking Phishing Techniques and Attack Strategies

Phishing is a form of electronic identity theft in which a combination of social engineering and web site spoofing techniques are used to trick a user into revealing confidential information with economic value. The problem of social engineering attack is that there is no single solution to eliminate it completely, since it deals largely with the human factor. This is why implementing empirical experiments is very crucial in order to study and to analyze all malicious and deceiving phishing website attack techniques and strategies. In this paper, three different kinds of phishing experiment case studies have been conducted to shed some light into social engineering attacks, such as phone phishing and phishing website attacks for designing effective countermeasures and analyzing the efficiency of performing security awareness about phishing threats. Results and reactions to our experiments show the importance of conducting phishing training awareness for all users and doubling our efforts in developing phishing prevention techniques. Results also suggest that traditional standard security phishing factor indicators are not always effective for detecting phishing websites, and alternative intelligent phishing detection approaches are needed

Applying Bourdieu to socio-technical systems: The importance of affordances for social translucence in building 'capital' and status to eBay's success

This paper introduces the work of Sociologist Pierre Bourdieu and his concepts of ‘the field’ and ‘capital’ in relation to eBay. This paper considers eBay to be a socio-technical system with its own set of social norms, rules and competition over ‘capital’. eBay is used as a case study of the importance of using a Bourdieuean approach to create successful socio-technical systems.Using a two-year qualitative study of eBay users as empirical illustration, this paper argues that a large part of eBay’s success is in the social and cultural affordances for social translucence and navigation of eBay’s website - in supporting the Bourdieuean competition over capital and status. This exploration has implications for wider socio-technical systems design which this paper will discuss - in particular, the importance of creating socially translucent and navigable systems, informed by Bourdieu’s theoretical insights, which support competition for ‘capital’ and status

CERT strategy to deal with phishing attacks

Every day, internet thieves employ new ways to obtain personal identity people and get access to their personal information. Phishing is a somehow complex method that has recently been considered by internet thieves.The present study aims to explain phishing, and why an organization should deal with it and its challenges of providing. In addition, different kinds of this attack and classification of security approaches for organizational and lay users are addressed in this article. Finally, the CERT strategy is presented to deal with phishing and studying some anti-phishing

Towards reframing professional expert support

The paper addresses practical ways of reconfiguring professional expertise in development practice in moving away from the expert as a technocrat. Two projects associated with managing natural resource dilemmas suggest an alternative way of framing intervention involving professional experts providing a more appropriate collaborative learning space for development practice. The paper describes the heuristic devices generated by each project as helpful in bringing out dialectic tensions between practice and understanding, and between systems of interest and situations of interest (or situated problems). Firstly, SLIM (social learning for the integrated management and sustainable use of water at catchment scale) - a European Framework Programme 5 project - exemplifies social learning as a measure of sustainable development. The heuristic illustrates the dependence of sustainability on changes in practice and understanding amongst professionals and other stakeholders as part of concerted - rather than merely individual or even collective - action. Secondly, ECOSENSUS (Electronic/Ecological Collaborative Sensemaking Support System) - a Guyana focused intervention involving several UK universities in collaboration with the University of Guyana and Amerindian community representatives from the North Rupununi wetlands - builds on the SLIM heuristic in supporting the development of practice. Additionally, the ECOSENSUS heuristic provides conceptual space for the interaction between conceptual constructs of distributed stakeholders (that is, systems thinking) including those with professional expertise, and the actual context of intervention (the situated problem). Both SLIM and ECOSENSUS provide heuristics for process-orientated management enabling more meaningful and purposeful interaction between professional/ technical experts and other stakeholders, as an alternative to conventional project-orientated management intervention. An alternative framing may help to steer practice away from the apoliticised comforting linearity of professionalised systematic project management towards more constructive systemic endeavours involving multiple stakeholders

Policy forums: Why do they exist and what are they used for?

Policy forums are issue-based intermediary organizations where diverse types of political and societal actors repeatedly interact. Policy forums are important elements of modern governance systems as they allow actors to learn, negotiate, or build trust. They can vary in composition, size, membership logic, and other distinct features. This article lays the foundation of a theory of policy forums based on three interrelated elements: First, it discusses conditions for the formation of a forum and describes the logic of these organizations as one of an asymmetric multipartite exchange. Second, it enumerates the potential set of goals and motivations of participating actors that are fed into this exchange. Third, it proposes eight different dimensions on which policy forums differ and which affect the exchange mechanisms among actors. We claim that empirical work on policy forums should systematically take these elements into account and propose elements of a research agenda

The normativity of code as law: towards input legitimacy

In the debate on how the new information and communication technologies impact on democratic politics the role played by the digital architecture seems to be surprisingly underrated. In particular, while a lot of attention has been paid to the possibilities that new technologies open up to democratic theory, few works have attempted to look at how democracy may help in shaping technologies. By adopting as a starting point the approach known as ‘code as law’, the paper aims at two objectives: to re-affirm the importance of discussing normative principles to guide the process of code writing in order to reinvigorate the debate; to claim the importance of input reasons when deciding which principles should be chosen. After having remarked that code is relevant for establishing democratic norms, the paper briefly tackles with the main attempts by European scholars to deal with this issue. Then, a couple of practical examples of how code impacts on democratic rights are sketched out. In the last section of the paper a shift from an output-based approach to the legitimacy of code to an input-based is openly advocated: an inquiry into the legitimacy of code should focus on its production

Power, control and organisational learning

A review of managerial literature highlights the crucial importance of shared culture and common schemes of interpretation in organisational learning. The interpretative and sensemaking approaches of organisational learning insert themselves deeply in the process of the construction of social uniformity and cognitive homogeneity. Individual learning, culture, beliefs and rationality - the shared mental models - are the targets of confirmation processes. Thus, this specific kind of organisational learning cannot be considered as normatively neutral, but as a political process. A case study of a bank illustrates that organisational learning can be based on a structured social construction of cognitive homogeneity which generates an increase of control and enhances power of the management by reinforcing the legitimacy of decisions. However, this case study also shows that learning and non-learning are the two faces of the same process or, in other words, that organisational learning can produce unawareness and unintentional nonlearning by too much cultural uniformity. -- Eine Durchsicht der Managementliteratur verdeutlicht die zentrale Bedeutung gemeinsamer Kultur und geteilter Deutungsmuster für das Organisationslernen. Die interpretativen und deutungsbezogenen Ansätze des Organisationslernens basieren auf tiefgreifenden Prozessen zur Konstruktion sozialer Einheitlichkeit und kognitiver Homogenität. Die Absicherungsprozesse beziehen sich auf das individuelle Lernen, Kultur, Werthaltungen und Rationalität - die gemeinsamen mentalen Modelle. Insofern kann diese Form des Organisationslernens nicht als wertneutral angesehen werden; es handelt sich vielmehr um einen politischen Prozeß. An einer Fallstudie in einer Bank wird illustriert, daß Organisationslernen auf einer sozial konstruierten kognitiven Homogenität aufgebaut werden kann. Dabei wird Management-Kontrolle erweitert und ihre Macht verstärkt, indem die Legitimität ihrer Entscheidungen abgesichert wird. Allerdings dokumentiert die Fallstudie auch, daß Lernen und Nicht-Lernen zwei Seiten des gleichen Prozesses sind, anders gewendet: Organisationslernen kann zur Ausblendung von Wahrnehmung beitragen und - unbeabsichtigt - Nicht-Lernen generieren, wenn zuvor ein zu hohes Maß an kultureller Homogenität etabliert worden ist.

On the integration of digital technologies into mathematics classrooms

Trouche‘s (2003) presentation at the Third Computer Algebra in Mathematics Education Symposium focused on the notions of instrumental genesis and of orchestration: the former concerning the mutual transformation of learner and artefact in the course of constructing knowledge with technology; the latter concerning the problem of integrating technology into classroom practice. At the Symposium, there was considerable discussion of the idea of situated abstraction, which the current authors have been developing over the last decade. In this paper, we summarise the theory of instrumental genesis and attempt to link it with situated abstraction. We then seek to broaden Trouche‘s discussion of orchestration to elaborate the role of artefacts in the process, and describe how the notion of situated abstraction could be used to make sense of the evolving mathematical knowledge of a community as well as an individual. We conclude by elaborating the ways in which technological artefacts can provide shared means of mathematical expression, and discuss the need to recognise the diversity of student‘s emergent meanings for mathematics, and the legitimacy of mathematical expression that may be initially divergent from institutionalised mathematics

Polycentrism and Flux in Spatialized Management: Evidence from Maine\u27s Lobster (Homarus americanus) Fishery

Spatial approaches to fisheries management hold great promise but require continued conceptual and policy development. Polycentrism and flux emerge as useful concepts, drawing lessons from more customary, informal resourceuse patterns to produce more innovative “spatialized” policies within existing governance architectures. Empirical evidence from Maine shows that pioneering efforts have been limited by the single-species focus of conventional management hierarchies. As entry limits have consolidated the fishing fleet and eliminated flexible, diversified, and adaptive business strategies, cross-species and habitat externalities have become problematic. State lobster (Homarus americanus Milne- Edwards, 1837) comanagement zones have achieved some successes, including trap limits and improved industry-management communications, but incur significant transaction costs and raise equity and stewardship concerns. Kindred proposals for spatial refinement of groundfish management and locally based area-management councils lack support from the state Department of Marine Resources, Atlantic States Marine Fisheries Commission, New England Fishery Management Council, and National Marine Fisheries Service. Broader and more transparent deliberation of explicitly spatial and ecosystem approaches might be advanced by citizen panels convened to foster polycentric decision structures and accommodate more integrative management strategies