UTSA study shows how phishing scams thrive on overconfidence
(Jan. 9, 2017) -- A new study by H.R. Rao, AT&T Distinguished Chair in Infrastructure Assurance and Security at The University of Texas at San Antonio (UTSA), examines overconfidence in detecting phishing e-mails. According to Rao, most people believe they're smarter than the criminals behind these schemes, which is why so many fall easily into a trap.
"A big advantage for phishers is self efficacy," Rao, a UTSA College of Business faculty member, said. "Many times, people think they know more than they actually do, and are smarter than someone trying to pull of a scam via an e-mail."
However, phishing has continued to evolve with the internet. It's no longer strangers posing as troubled Nigerian princes looking to cheat the average person out of their credit card information. Instead, phishing e-mails often look like messages from companies ordinary people recognize and trust.
"They're getting very good at mimicking the logos of popular companies," Rao said.
The researcher was actually nearly caught up in a phishing scam last year, when an e-mail that appeared to be from UPS informed him that there was a problem with a package he had sent. Even Rao, a highly experienced cybersecurity researcher, nearly fell for the scam, as he happened to have recently mailed a package via UPS.
"In any of these situations, overconfidence is always a killer," he said.
Rao's study, which he collaborated on with colleagues from The University of Texas at Arlington and Columbia College, utilized an experimental survey that had subjects choose between the genuine and the sinister e-mails that he and his colleagues had created for the project. Afterward, the subjects explained why they made their choices, which allowed Rao to classify which type of overconfidence was playing a role in their decision-making processes.
"Our study's focus on different types of over-confidence is unique, and allows us to understand why certain tactics appeal to different people," Rao said. "It helps us to figure out ways to teach people to guard against these kinds of methods."
According to Rao, people will continue to be victimized by phishing scams until the public becomes better educated and, subsequently, less overconfident. He suggested citizen workshops or even an online game that would inform people of the newer every day dangers of the internet.
"Thousands of e-mails are sent out every day with the aim of harming someone or gaining access to their financial information," Rao said. "Avoiding that kind of damage is entirely in our own hands."
UTSA is ranked among the top 400 universities in the world and among the top 100 in the nation, according to Times Higher Education.
Read H.R. Rao's study "Overconfidence in Phishing E-mail Detection."
Learn more about the UTSA Department of Information Systems and Cyber Security.
Learn more about cybersecurity at UTSA.
Tour the new Blackboard homepage, navigation, and features for the upcoming semester. The agenda includes an Introduction to Blackboard Cloud, a tour of the new Blackboard homepage and navigation; review improvements to course management, and a question and answer session.Virtual Event
Help us welcome back Campus Recreation with our VIP Day. Sign up for your social-distanced tour where you will get to experience some of the incredible programs and offerings we are bringing you this semester.Recreation Center, Main Campus
The Welcome Back Social is a great way to meet new people and make new friends. You can also win some prizes! Playfair is a high-spirited, high-energy event that allows students to interact with each other and laugh with each other and feel a part of an exciting campus community. This year, we feature Playfair Online! as part of the event.Virtual Event
Join us to kickoff the spring semester! We will have events happening all week and please participate in all that you can. Learn about upcoming opportunities within your academic department in virtual sessions with faculty, alumni, and student organizations. This is a great way to get involved in the UTSA COE/CACP community.Virtual Event
The Adobe Creative Campus Kickoff will introduce students to Adobe software and how they can use it to produce professional content for their courses. Students will learn about UTSA’s Adobe Creative Campus program and how they can access the software. Time permitting, there will be an overview of Adobe Creative Cloud.Virtual Event
Want to study abroad but aren't sure where to start? Our Study Abroad Information Session is a great way to hear about the options available to those interested in pursuing a global academic experience! Here you can learn about program types, scholarships, and other essential information!Virtual Event
Tune in to learn about the best picks for having an easy and fun digital Spring. We will be introducing you to the new Blackboard experience and showing you how to access essential digital tools that are free! In this session, you’ll find resources that are UTSA exclusive.Virtual Event