NoPhish: An Anti-Phishing Education App

  • Gamze Canova
  • Melanie Volkamer
  • Clemens Bergmann
  • Roland Borza
Part of the Lecture Notes in Computer Science book series (LNCS, volume 8743)

Abstract

Phishing is still a prevalent issue in today’s Internet. It can have financial or personal consequences. Attacks continue to become more and more sophisticated and the advanced ones (including spear phishing) can only be detected if people carefully check URLs. We developed a game based smartphone app – NoPhish – to educate people in accessing, parsing and checking URLs; i.e. enabling them to distinguish trustworthy and non-trustworthy websites. Throughout several levels information is provided and phishing detection is exercised.

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    Ramzan, Z.: Phishing attacks and countermeasures. In: Handbook of Information and Communication Security, pp. 433–448. Springer, Heidelberg (2010)CrossRefGoogle Scholar
  2. 2.
    Aaron, G., Rasmussen, R., Routt, A.: Global phishing survey: Trends and domain name use in 2h2013. Anti-Phishing Working Group (2014)Google Scholar
  3. 3.
    Sheng, S., Magnien, B., Kumaraguru, P., Acquisti, A., Cranor, L.F., Hong, J., Nunge, E.: Anti-phishing phil: The design and evaluation of a game that teaches people not to fall for phish. In: SOUPS, pp. 88–99. ACM (2007)Google Scholar
  4. 4.
    Dhamija, R., Tygar, J.D., Hearst, M.: Why phishing works. In: SIGCHI. ACM (2006)Google Scholar
  5. 5.
    Lin, E., Greenberg, S., Trotter, E., Ma, D., Aycock, J.: Does domain highlighting help people identify phishing sites? In: SIGCHI, pp. 2075–2084. ACM (2011)Google Scholar
  6. 6.
    Li, T., Han, F., Ding, S., Chen, Z.: Larx: Large-scale anti-phishing by retrospective data-exploring based on a cloud computing platform. In: ICCCN, pp. 1–5. IEEE (2011)Google Scholar
  7. 7.
    Thorndike, E.L.: The fundamentals of learning. Teachers College Bureau of Publications (1932)Google Scholar
  8. 8.
    Volkamer, M., Stockhardt, S., Bartsch, S., Kauer, M.: Adopting the cmu/apwg anti-phishing landing page idea for germany. In: STAST, pp. 46–52. IEEE (2013)Google Scholar
  9. 9.
    Jansson, K., von Solms, R.: Simulating malicious emails to educate end users on-demand. In: 2011 3rd Symposium on Web Society (SWS), pp. 74–80 (2011)Google Scholar

Copyright information

© Springer International Publishing Switzerland 2014

Authors and Affiliations

  • Gamze Canova
    • 1
  • Melanie Volkamer
    • 1
  • Clemens Bergmann
    • 1
  • Roland Borza
    • 1
  1. 1.Technische Universität DarmstadtGermany

Personalised recommendations