Columbia Researchers Put Metrics to Phishing Victims’ Gullibility

Researchers at Columbia University have built a small scale system that synthesizes phishing emails and measure the susceptibility of a targeted population to them.  First-round participants who fell for the simulated scams were notified of their mistake, but were NOT notified that they would also be re-targeted for future probing/attack.  As the guy who (warning, shameless plug alert) authored my company’s Cyber Safety Awareness Training product, I can’t say I’m surprised by the most depressing tidbit.  Even targets who were warned they were being taken online went as many as four successful scams before learning a bit of caution.

I’m just hitting a few highlights of course, but the full paper is an interesting read, available for download at


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: