
Scary stuff.

Link: Why phishing catches punters | The Register.

Users fixate on the weirdest things

The site that fooled all but one participant in the study was for Bank of the West (that’s a link to the real website … or is it?). On that site was a cute animated video of a bear. Evidently that tickled a number of the users who reloaded the page several times to see that animated bear. In fact, some of the participants said that the animation was proof that the site was legit, since it would take too much effort to copy it!

The ordinary folks in the study also figured that if a site has ads on it, then that increases the likelihood that it’s not a fake. Likewise, the presence of a favicon (the little icon that appears in the address bar to the left of the URL) was deemed indicative of a site that was not out to steal your money and identity. Amazing what people glom onto.

One Response to “Why phishing catches punters – The Register”

  1. Mary Branscombe

    It used to be easy to spot spam and hacking/phishing email because there would always be a grammar or spelling mistake (rather like ignoring virus warnings in ALL CAPS). The converse is that you presume any site done professionally is professional, when it might just be stealing professional content. Just thinking about how tools like the IE 7 phishing filter work (http://www.regdeveloper.co.uk/2006/06/06/getting_ie7_right/ and http://marypcb.livejournal.com/184445.html) makes my head feel I’m following a design plan by Escher.
