ACTION-117

Some background on the psychological phenomenon known as the confirmation bias:

Definition: A tendency to search for or interpret information in a way that confirms one's preconceptions (cite: Wikipedia, http://en.wikipedia.org/wiki/Confirmation_bias)

Effects on Phishing: Humans are very bad at generating testable hypotheses, and people will try to confirm their hypotheses (confirmation bias). The result is that people are more likely to accept an invalid but plausible conclusion (this site is real thus the email telling me to update my personal information was real) than a valid but implausible one (both the email and the site are fake). [Gutmann, Phishing Tips and Techniques, http://www.cs.auckland.ac.nz/~pgut001/pubs/phishing.pdf]

This closes ACTION-117

cheers,
mike

Received on Tuesday, 6 March 2007 06:37:05 GMT
This archive was generated by hypermail 2.2.0+W3C-0.50 : Tuesday, 5 February 2008 03:52:46 GMT