Developing and evaluating a five minute phishing awareness video

Confidence tricksters have always defrauded the unwary. The computer era has merely extended their range and made it possible for them to target anyone in the world who has an email address. Nowadays, they send phishing messages that are specially crafted to deceive. Improving user awareness has the potential to reduce their effectiveness. We have previously developed and empirically-validated phishing awareness programmes. Our programmes are specifically designed to neutralize common phish-related misconceptions and teach people how to detect phishes. Many companies and individuals are already using our programmes, but a persistent niggle has been the amount of time required to complete the awareness programme. This paper reports on how we responded by developing and evaluating a condensed phishing awareness video that delivered phishing awareness more efficiently. Having watched our video, participants in our evaluation were able to detect phishing messages significantly more reliably right after watching the video (compared to before watching the video). This ability was also demonstrated after a retention period of eight weeks after first watching the video

The initiation of the child to breach 2.0. Irresponsible use of ICT

[EN] For social educators every day it becomes more and more necessary to confront potential problems that inappropriate use of ICT could generate in the development of children in our immediate environment. Thus it becomes necessary to identify the risk factors and generate a response as a protective factor. It is not unreasonable to think that the digital gap created between children and adults may tend to increase, due no doubt to the constant and sometimes exhausting evolution of new technologies and the neuronal plasticity of these children. We identify the most significant behaviors that children reproduce when entering the world of ITC, as it is shown in numerous studies and researches. This will make possible to act preventively and to implement possible solutions to offending behavior.[ES] Para los profesionales socioeducativos se hace cada día más necesario afrontar los posibles problemas que el uso inadecuado de las TIC puedan generar en el desarrollo de los menores de nuestro entorno más próximo. Para ello se hace preciso identificar los factores de riesgo y generar una respuesta a modo de factor de protección.No resulta descabellado pensar que la brecha digital creada entre menores y adultos puede tender a aumentar, debido sin duda a la constante y a veces agotadora evolución de las nuevas tecnologías y la fácil plasticidad neuronal de los menores.Identificamos aquellas conductas más significativas que reproducen los menores a la hora de internarse en el mundo de las TIC, tal y como recogen numerosos estudios. De esta forma será posible actuar preventivamente e implementar las posibles soluciones ante conductas infractorasFernandez Murcia, A. (2016). La iniciación del menor a la infracción 2.0. Uso irresponsable de las TIC. Revista sobre la infancia y la adolescencia. (10):35-53. doi:10.4995/reinad.2016.3945SWORD355310- American Psychiatric Association (2000) Diagnostic and statistical manual of mental disorders. Text Revision. Washington: American Psychiatric Association- Cánovas, G. (2004) Ladrones de Inocencia. Madrid: Editorial Nuevos Escritores- Chóliz, M. y Marco, C. (2011) Patrón de Uso y Dependencia de Videojuegos en Infancia y Adolescencia. Anales de psicología, 27 (2). 418-426- Chóliz, M. y Villanueva, V. (2011) Evaluación de la adicción al móvil en la adolescencia. Revista Espa-ola de Drogodependencia, 36 (2). 165-184.CRUZADO DÍAZ, L., MATOS RETAMOZO, L., & KENDALL FOLMER, R. (2012). Adicción a internet: Perfil clínico y epidemiológico de pacientes hospitalizados en un instituto nacional de salud mental. Revista Medica Herediana, 17(4), 196. doi:10.20453/rmh.v17i4.879- Del Pozo, J., Pérez, L. y Ferreras, M. (2009) Adicciones y nuevas tecnologías de la información y de la comunicación. Perspectivas de su uso para la prevención y el tratamiento. Logro-o: Gobierno de la Rioja, Consejería de Salud.Echeburúa, E., & De Corral, P. (2010). Adicción a las nuevas tecnologías y a las redes sociales en jóvenes: un nuevo reto. Adicciones, 22(2), 91. doi:10.20882/adicciones.196- Estallo, J. A. (1994) Videojuegos, personalidad y conducta. Psicothema, 6, 181-190.García, F. (2010) Internet en la vida de nuestros hijos. ¿Cómo transformar los riesgos en oportunidades?. Navarra: Foro Generaciones Interactivas, Navarra.- Jagatic, T., Johnson, N., Jakobsson, M. y Menczer, F. (2006) Social Phishing. Communications of the ACM.Nizama, M. (2013). El fenómeno adictivo. Revista de Neuro-Psiquiatria, 62(1), 51. doi:10.20453/rnp.v62i1.1457- Luengo, A. (2004) Adicción a Internet: conceptualización y propuesta de intervención. Revista Profesional Espa-ola de Terapia Cognitivo-Conductual, 2, 22- 52.- Orjuela, L. [Coord.] (2010) La tecnología en la preadolescencia y adolescencia: Usos, riesgos y propuestas desde los protagonistas. Save the Childre

Computational fact checking from knowledge networks

Traditional fact checking by expert journalists cannot keep up with the enormous volume of information that is now generated online. Computational fact checking may significantly enhance our ability to evaluate the veracity of dubious information. Here we show that the complexities of human fact checking can be approximated quite well by finding the shortest path between concept nodes under properly defined semantic proximity metrics on knowledge graphs. Framed as a network problem this approach is feasible with efficient computational techniques. We evaluate this approach by examining tens of thousands of claims related to history, entertainment, geography, and biographical information using a public knowledge graph extracted from Wikipedia. Statements independently known to be true consistently receive higher support via our method than do false ones. These findings represent a significant step toward scalable computational fact-checking methods that may one day mitigate the spread of harmful misinformation

Bootstrapping Trust in Online Dating: Social Verification of Online Dating Profiles

Online dating is an increasingly thriving business which boasts billion-dollar revenues and attracts users in the tens of millions. Notwithstanding its popularity, online dating is not impervious to worrisome trust and privacy concerns raised by the disclosure of potentially sensitive data as well as the exposure to self-reported (and thus potentially misrepresented) information. Nonetheless, little research has, thus far, focused on how to enhance privacy and trustworthiness. In this paper, we report on a series of semi-structured interviews involving 20 participants, and show that users are significantly concerned with the veracity of online dating profiles. To address some of these concerns, we present the user-centered design of an interface, called Certifeye, which aims to bootstrap trust in online dating profiles using existing social network data. Certifeye verifies that the information users report on their online dating profile (e.g., age, relationship status, and/or photos) matches that displayed on their own Facebook profile. Finally, we present the results of a 161-user Mechanical Turk study assessing whether our veracity-enhancing interface successfully reduced concerns in online dating users and find a statistically significant trust increase.Comment: In Proceedings of Financial Cryptography and Data Security (FC) Workshop on Usable Security (USEC), 201

Press accept to update now: Individual differences in susceptibility to malevolent interruptions

© 2017 The Authors Increasingly, connected communication technologies have resulted in people being exposed to fraudulent communications by scammers and hackers attempting to gain access to computer systems for malicious purposes. Common influence techniques, such as mimicking authority figures or instilling a sense of urgency, are used to persuade people to respond to malevolent messages by, for example, accepting urgent updates. An ‘accept’ response to a malevolent influence message can result in severe negative consequences for the user and for others, including the organisations they work for. This paper undertakes exploratory research to examine individual differences in susceptibility to fraudulent computer messages when they masquerade as interruptions during a demanding memory recall primary task compared to when they are presented in a post-task phase. A mixed-methods approach was adopted to examine when and why people choose to accept or decline three types of interrupting computer update message (genuine, mimicked, and low authority) and the relative impact of such interruptions on performance of a serial recall memory primary task. Results suggest that fraudulent communications are more likely to be accepted by users when they interrupt a demanding memory-based primary task, that this relationship is impacted by the content of the fraudulent message, and that influence techniques used in fraudulent communications can over-ride authenticity cues when individuals decide to accept an update message. Implications for theories, such as the recently proposed Suspicion, Cognition and Automaticity Model and the Integrated Information Processing Model of Phishing Susceptibility, are discussed

Tutorial and Critical Analysis of Phishing Websites Methods

The Internet has become an essential component of our everyday social and financial activities. Internet is not important for individual users only but also for organizations, because organizations that offer online trading can achieve a competitive edge by serving worldwide clients. Internet facilitates reaching customers all over the globe without any market place restrictions and with effective use of e-commerce. As a result, the number of customers who rely on the Internet to perform procurements is increasing dramatically. Hundreds of millions of dollars are transferred through the Internet every day. This amount of money was tempting the fraudsters to carry out their fraudulent operations. Hence, Internet users may be vulnerable to different types of web threats, which may cause financial damages, identity theft, loss of private information, brand reputation damage and loss of customers’ confidence in e-commerce and online banking. Therefore, suitability of the Internet for commercial transactions becomes doubtful. Phishing is considered a form of web threats that is defined as the art of impersonating a website of an honest enterprise aiming to obtain user’s confidential credentials such as usernames, passwords and social security numbers. In this article, the phishing phenomena will be discussed in detail. In addition, we present a survey of the state of the art research on such attack. Moreover, we aim to recognize the up-to-date developments in phishing and its precautionary measures and provide a comprehensive study and evaluation of these researches to realize the gap that is still predominating in this area. This research will mostly focus on the web based phishing detection methods rather than email based detection methods

Clinical Presentation of Patients with Ebola Virus Disease in Conakry, Guinea

BACKGROUND: In March 2014, the World Health Organization was notified of an outbreak of Zaire ebolavirus in a remote area of Guinea. The outbreak then spread to the capital, Conakry, and to neighboring countries and has subsequently become the largest epidemic of Ebola virus disease (EVD) to date. METHODS: From March 25 to April 26, 2014, we performed a study of all patients with laboratory-confirmed EVD in Conakry. Mortality was the primary outcome. Secondary outcomes included patient characteristics, complications, treatments, and comparisons between survivors and nonsurvivors. RESULTS: Of 80 patients who presented with symptoms, 37 had laboratory-confirmed EVD. Among confirmed cases, the median age was 38 years (interquartile range, 28 to 46), 24 patients (65%) were men, and 14 (38%) were health care workers; among the health care workers, nosocomial transmission was implicated in 12 patients (32%). Patients with confirmed EVD presented to the hospital a median of 5 days (interquartile range, 3 to 7) after the onset of symptoms, most commonly with fever (in 84% of the patients; mean temperature, 38.6°C), fatigue (in 65%), diarrhea (in 62%), and tachycardia (mean heart rate, \u3e93 beats per minute). Of these patients, 28 (76%) were treated with intravenous fluids and 37 (100%) with antibiotics. Sixteen patients (43%) died, with a median time from symptom onset to death of 8 days (interquartile range, 7 to 11). Patients who were 40 years of age or older, as compared with those under the age of 40 years, had a relative risk of death of 3.49 (95% confidence interval, 1.42 to 8.59; P=0.007). CONCLUSIONS: Patients with EVD presented with evidence of dehydration associated with vomiting and severe diarrhea. Despite attempts at volume repletion, antimicrobial therapy, and limited laboratory services, the rate of death was 43%

Implicit Contextual Integrity in Online Social Networks

Many real incidents demonstrate that users of Online Social Networks need mechanisms that help them manage their interactions by increasing the awareness of the different contexts that coexist in Online Social Networks and preventing them from exchanging inappropriate information in those contexts or disseminating sensitive information from some contexts to others. Contextual integrity is a privacy theory that conceptualises the appropriateness of information sharing based on the contexts in which this information is to be shared. Computational models of Contextual Integrity assume the existence of well-defined contexts, in which individuals enact pre-defined roles and information sharing is governed by an explicit set of norms. However, contexts in Online Social Networks are known to be implicit, unknown a priori and ever changing; users relationships are constantly evolving; and the information sharing norms are implicit. This makes current Contextual Integrity models not suitable for Online Social Networks. In this paper, we propose the first computational model of \emph{Implicit} Contextual Integrity, presenting an information model for Implicit Contextual Integrity as well as a so-called Information Assistant Agent that uses the information model to learn implicit contexts, relationships and the information sharing norms in order to help users avoid inappropriate information exchanges and undesired information disseminations. Through an experimental evaluation, we validate the properties of the model proposed. In particular, Information Assistant Agents are shown to: (i) infer the information sharing norms even if a small proportion of the users follow the norms and in presence of malicious users; (ii) help reduce the exchange of inappropriate information and the dissemination of sensitive information with only a partial view of the system and the information received and sent by their users; and (iii) minimise the burden to the users in terms of raising unnecessary alerts