UTSA study shows how phishing scams thrive on overconfidence
(Jan. 9, 2017) -- A new study by H.R. Rao, AT&T Distinguished Chair in Infrastructure Assurance and Security at The University of Texas at San Antonio (UTSA), examines overconfidence in detecting phishing e-mails. According to Rao, most people believe they're smarter than the criminals behind these schemes, which is why so many fall easily into a trap.
"A big advantage for phishers is self efficacy," Rao, a UTSA College of Business faculty member, said. "Many times, people think they know more than they actually do, and are smarter than someone trying to pull of a scam via an e-mail."
However, phishing has continued to evolve with the internet. It's no longer strangers posing as troubled Nigerian princes looking to cheat the average person out of their credit card information. Instead, phishing e-mails often look like messages from companies ordinary people recognize and trust.
"They're getting very good at mimicking the logos of popular companies," Rao said.
The researcher was actually nearly caught up in a phishing scam last year, when an e-mail that appeared to be from UPS informed him that there was a problem with a package he had sent. Even Rao, a highly experienced cybersecurity researcher, nearly fell for the scam, as he happened to have recently mailed a package via UPS.
"In any of these situations, overconfidence is always a killer," he said.
Rao's study, which he collaborated on with colleagues from The University of Texas at Arlington and Columbia College, utilized an experimental survey that had subjects choose between the genuine and the sinister e-mails that he and his colleagues had created for the project. Afterward, the subjects explained why they made their choices, which allowed Rao to classify which type of overconfidence was playing a role in their decision-making processes.
"Our study's focus on different types of over-confidence is unique, and allows us to understand why certain tactics appeal to different people," Rao said. "It helps us to figure out ways to teach people to guard against these kinds of methods."
According to Rao, people will continue to be victimized by phishing scams until the public becomes better educated and, subsequently, less overconfident. He suggested citizen workshops or even an online game that would inform people of the newer every day dangers of the internet.
"Thousands of e-mails are sent out every day with the aim of harming someone or gaining access to their financial information," Rao said. "Avoiding that kind of damage is entirely in our own hands."
UTSA is ranked among the top 400 universities in the world and among the top 100 in the nation, according to Times Higher Education.
Read H.R. Rao's study "Overconfidence in Phishing E-mail Detection."
Learn more about the UTSA Department of Information Systems and Cyber Security.
Learn more about cybersecurity at UTSA.
UTSA Main Campus will serve as a designated polling station during the early voting period, today through October 30, and on Election Day, November 3.H-E-B Student Union Ballroom (HSU 1.104)
Alumni who majored in criminology & criminal justice, demography, kinesiology, nutrition & dietetics, psychology, public administration, public health, social work and sociology—you have a new UTSA college to call home. You’re invited to get to know the new college better during HCaP Happy Hour. Each happy hour starts with a brief discussion to introduce you to the work in the featured department before opening to questions, comments and your ideas.Virtual Event
Want to add Adobe programs to your course but you aren’t sure how? Stop by Adobe Office Hours for a casual conversation on how you can implement Adobe in your classroom.VIrtual Event
Gamified courses increase students’ motivation and participation and allow for the capability to reinforce knowledge and skills such as problem-solving, critical thinking, collaboration, persistence, and creativity. In a game-based learning environment, learners are involved in a more challenging, meaningful, empowering, and deep understanding process. Get engaged with us in a playful session about game design in Blackboard Learn.Virtual Event
Join this informative, interactive webinar with practical tips on how to plan your charitable giving now and for the future. Michael Perkins, member of the UTSA Alumni Association and the UTSA College of Business Accounting Advisory Board, is no stranger to gift planning. As managing partner and CEO of Slattery Perkins Ramirez P.C. (“SPR”) his primary areas of focus include counseling business owners, executives, and other high net worth individuals on personal financial issues, including estate planning, wealth transfer, and income tax planning techniques. Michael also practices philanthropy himself – establishing an endowed scholarship at UTSA as well as supporting numerous charitable causes throughout San Antonio.Virtual Event
UTSA Main Campus is a voting poll for Election Day on November 3.H-E-B Student Union Ballroom (HSU 1.104
The University of Texas at San Antonio Office of Undergraduate Research (OUR) Annual Undergraduate Research and Creative Inquiry Showcase features undergraduate student research and creative endeavors from across the university.VIrtual Event