Breakthrough in cybersecurity is no phish story

March 29, 2016 by Bert Gambini
 
                                                       http://img.techxplore.com/newman/csz/news/800/2016/19-breakthrough.jpg
 
Corporations, small businesses and public sector entities have tried unsuccessfully for years to educate consumers and employees on how to recognize phishing emails, those authentic-looking messages that encourage users to open a cloaked, though malicious, hyperlink or attachment that appears harmless.
 In casual conversation, the problem sounds like a nuisance; on balance sheets, however, it's monstrous. The estimated financial tally from information loss, identity theft, service disruptions and additional security costs related to phishing exceeds $1 trillion. In fact, phishing accounts for more than one-third of the nearly 800 percent increase in cybercrimes since 2007, according to the Government Accountability Office.
 
The problem appears unstoppable, but a University at Buffalo cybersecurity expert may have finally hooked the phish that existing training methods have so far been unable to land.
 
Arun Vishwanath, an associate professor in the Department of Communication at UB, whose research specializes in how to stop online deception, has developed a groundbreaking comprehensive model that, he says, for the first time accounts for the multiple influences that contribute to the success of these attacks.
 
Vishwanath's model is a breakthrough in understanding why people fall for these schemes and could finally tilt phishing's dynamic from successful deception to effective detection.
 
Full Article