Why Information Security is Hard-An Economic Perspective
ACSAC '01 Proceedings of the 17th Annual Computer Security Applications Conference
Signaling Vulnerabilities in Wiretapping Systems
IEEE Security and Privacy
Passpet: convenient password management and phishing protection
SOUPS '06 Proceedings of the second symposium on Usable privacy and security
Web wallet: preventing phishing attacks by revealing user intentions
SOUPS '06 Proceedings of the second symposium on Usable privacy and security
Detecting Phishing Web Pages with Visual Similarity Assessment Based on Earth Mover's Distance (EMD)
IEEE Transactions on Dependable and Secure Computing
An evaluation of extended validation and picture-in-picture phishing attacks
FC'07/USEC'07 Proceedings of the 11th International Conference on Financial cryptography and 1st International conference on Usable Security
Phoolproof phishing prevention
FC'06 Proceedings of the 10th international conference on Financial Cryptography and Data Security
| Hi-index | 0.00 |
Currently, most means of communication include some form of identification of the sender/originator, but none of these identifications are securely authenticated (at least not conveniently or in wide use). Legitimate business entities can be misrepresented by their name, and this creates opportunities for various scams known as phishing. We propose a new end-to-end authentication scheme that can be used to authenticate companies over many means of communication including telephony, email, web, and Instant Messaging. The framework is flexible and gives concerned legitimate institutions the ability to delegate their authenticated names to employees outside the office as well as outsourcing companies.