GoFuckYourself.com - Adult Webmaster Forum - View Single Post

GatorB · 05-01-2006, 11:38 AM

Article is about phishing but you might find it useful or at least interesting.

Some of the more interesting parts.

The researchers hypothesized, and found, that some Internet users have mistaken impressions about Web security and often base their trust of a site on collateral data such as "professional-looking images, animation, and ads

A majority of the phishing e-mail I get resolves to numeric addresses registered in foreign countries or misspellings of common names, such as www.hase-chase.com. The study found that participants didn't pay attention to the final addresses displayed in their Internet browser; the content on the page mattered more to them. To prove it, the study provided a spoofed Bank of the West address that used two Vs to simulate the letter W: bankofthevvest.com. Even with this URL, participants thought it was a legitimate site.

Again and again, this phishing study came back to the idea that the content on the page, not the address or the security icons displayed within the browser frame, mattered more to the sample group of highly educated Internet users. Worse, the authors concluded that legitimate, secure login pages from banking sites were not trusted by this sample group because they lacked pretty pictures. Within the study, one of the participants chose a fake Bank of the West login page simply because it had a professional-looking animation of a bear, whereas the legitimate Bank of the West login page did not. The participant reasoned the fraud site had to be real because "the animation was too professional."

http://reviews.cnet.com/4520-3513_7-...?tag=cnetfd.sd

05-01-2006, 11:38 AM
GatorB The Demon & 12clicks Industry Role: Join Date: Oct 2001 Location: SallyRand is a FAGGOT Posts: 18,208	Proof surfers are stupid. Article is about phishing but you might find it useful or at least interesting. Some of the more interesting parts. The researchers hypothesized, and found, that some Internet users have mistaken impressions about Web security and often base their trust of a site on collateral data such as "professional-looking images, animation, and ads A majority of the phishing e-mail I get resolves to numeric addresses registered in foreign countries or misspellings of common names, such as www.hase-chase.com. The study found that participants didn't pay attention to the final addresses displayed in their Internet browser; the content on the page mattered more to them. To prove it, the study provided a spoofed Bank of the West address that used two Vs to simulate the letter W: bankofthevvest.com. Even with this URL, participants thought it was a legitimate site. Again and again, this phishing study came back to the idea that the content on the page, not the address or the security icons displayed within the browser frame, mattered more to the sample group of highly educated Internet users. Worse, the authors concluded that legitimate, secure login pages from banking sites were not trusted by this sample group because they lacked pretty pictures. Within the study, one of the participants chose a fake Bank of the West login page simply because it had a professional-looking animation of a bear, whereas the legitimate Bank of the West login page did not. The participant reasoned the fraud site had to be real because "the animation was too professional." http://reviews.cnet.com/4520-3513_7-...?tag=cnetfd.sd