The growing sophistication of phishing scams is making it increasingly hard for even perceptive computer users to avoid potential problems online. Some phishing emails now scan the browser history, identify which websites were recently visited and automatically configure themselves to look like the user’s own financial institution. When an email comes from a familiar institution, it significantly boosts the odds that the recipient will respond, experts concur.

Lorrie Faith Cranor, associate professor of computer science and engineering & public policy at Carnegie Mellon University in Pittsburgh, describes the problem as misplaced trust. “When Internet users are asked to make ‘trust’ decisions they often make the wrong decision,” she explains.

Trust, it turns out, has a lot to do with the online experience for most computer users. “Implicit trust decisions include decisions about whether or not to open an email attachment or provide information in response to an email that claims to have been sent by a trusted entity. Explicit trust decisions are decisions made in response to specific trust or security-related prompts such as pop-up boxes that ask the user whether to trust an expired certificate, execute downloaded software, or allow macros to execute,” Cranor says.

In spite of spyware, phishing and other Internet threats, most Americans say they feel safe online, according to a poll sponsored by, a consumer protection initiative. In a poll conducted by Zogby International, 88% of Internet users said they feel safe online. In addition, 84% describe themselves as armed with the information and tools needed to protect their privacy and security.

But only 24% of computer users nationwide have installed a firewall on their personal computers or regularly update anti-virus and anti-spyware, according to McAfee, a security software manufacturer, and the National Cyber Security Alliance. And corporate America got a wake-up call last spring when thousands of top executives nationwide fell for a new and highly sophisticated phishing attack requesting them to appear before a grand jury. The email installed information-stealing malware–keystroke loggers that record passwords and other personal data–that was sent to the remote attackers.

“What we have here is an Internet security paradox,” said Maxim Weinstein, who manages the team at Harvard Law School’s Berkman Center for Internet Society. “Americans see themselves as safe online, even as we see an ongoing trend of organized criminal elements using the Internet to target unsuspecting users.”

Security experts are now encouraging corporations to replace traditional signature-based antivirus and spam filtering software with more comprehensive, multilayered solutions that include content filtering, intrusion prevention and gateway antispyware.

Can You Resist a Phish?
Is it a legitimate email or a phish? The challenge is to tell the difference. If you want to find out how much you know, take the online Phishing IQ test from SonicWALL Inc. The company specializes in network security, email security, secure remote access and continuous data protection solutions.

Want to continue reading?
Become a Free ALM Digital Reader.

Once you are an ALM digital member, you’ll receive:

  • Unlimited access to GlobeSt and other free ALM publications
  • Access to 15 years of GlobeSt archives
  • Your choice of GlobeSt digital newsletters and over 70 others from popular sister publications
  • 1 free article* every 30 days across the ALM subscription network
  • Exclusive discounts on ALM events and publications

*May exclude premium content
Already have an account?


© 2023 ALM Global, LLC, All Rights Reserved. Request academic re-use from All other uses, submit a request to [email protected]. For more information visit Asset & Logo Licensing.



Join GlobeSt

Don't miss crucial news and insights you need to make informed commercial real estate decisions. Join now!

  • Free unlimited access to's trusted and independent team of experts who provide commercial real estate owners, investors, developers, brokers and finance professionals with comprehensive coverage, analysis and best practices necessary to innovate and build business.
  • Exclusive discounts on ALM and GlobeSt events.
  • Access to other award-winning ALM websites including and

Already have an account? Sign In Now
Join GlobeSt

Copyright © 2023 ALM Global, LLC. All Rights Reserved.