Authors:
Stefanie Pham
1
;
Matthias Schopp
2
;
Lars Stiemert
2
;
Sebastian Seeber
2
;
Daniela Pöhn
2
and
Wolfgang Hommel
2
Affiliations:
1
Ludwig-Maximilians-Universität München, Munich, Germany
;
2
Research Institute CODE, Universität der Bundeswehr München, Munich, Germany
Keyword(s):
Phishing, Social Engineering, Security, Email, Signatures.
Abstract:
Phishing is a type of scam designed to steal users’ personal information, e.g. passwords, credit card information, or other account details. Phishing websites look similar to legitimate ones, making it difficult for users to differentiate between them. Phishing attacks are constantly being improved and the range of techniques used are continuously expanded. Signatures and encryption in emails are security mechanisms that phishers could attempt to misuse. This paper analyses the potential of these methods. Two comparative studies on the effect of Pretty Good Privacy (PGP) signatures and encryption in phishing mails were conducted. The effect was analysed in social and security-related contexts and with computer-savvy as well as regular recipients. We examined the factors computer experience, signature, encryption, signature and encryption, as well as interaction between computer experience and signatures. The results indicate a potential for misuse. Observations made during this study
are stated along with future work.
(More)