Carnegie Mellon University
Carnegie Mellon University
Anti-Phishing Working Group
Online Games, Political Campaigns Provide Opportunities for Electronic Criminals
eCrime Researchers Reveal Threats at Meeting Hosted by Carnegie Mellon
PITTSBURGH—New computer security threats posed by online multiplayer games and the potential for political dirty tricks on the Web are among the topics that electronic crime researchers will discuss at the second annual Anti-Phishing Working Group (APWG) eCrime Researchers Summit, Oct. 4–5 at the Holiday Inn Select University Center in Oakland.
The summit, sponsored by APWG and hosted by Carnegie Mellon University's CyLab, will bring to Pittsburgh some of the world's leading industrial and academic practitioners in the field of electronic crime research.
In a keynote address, Gary McGraw, chief technology officer of Cigital Inc., a software security and quality consulting firm in Washington, D.C., will describe controversial security issues surrounding massive multiplayer online role-playing games (MMORPGs), such as World of Warcraft and Everquest. He argues that these games are a harbinger of future security problems, both because they closely monitor each player (and each player's computer) and because security problems could disrupt the multibillion-dollar online game industry.
The summit will also feature a panel on political "phishing." Conventional phishing attacks usually involve email that appears to come from a financial institution, but actually directs people to a counterfeit Web site where fraudsters steal their personal or financial data. The same tactic is ripe for exploitation by political saboteurs.
Rachna Dhamija, a post-doctoral fellow at the Harvard Center for Research on Computation and Society; Christopher Soghoian, a cybersecurity doctoral student at Indiana University; and Celeste Taylor, state coordinator of People for the American Way, are among the panelists who will discuss how phishing could be used in the 2008 national election. They will also analyze how defenses against phishing developed by financial institutions might be used in the political sphere.
The program will also include research paper and poster presentations and a panel discussion on whether user education is effective in reducing phishing attacks and other security breaches — a point of controversy among e-crime experts. Carnegie Mellon researchers will present papers examining how people respond to phishing emails and the effectiveness of anti-phishing education.
"These presentations are not just computer-science lab rat esoterica," said Peter Cassidy, the secretary general of the APWG who conceived of the eCrime Researchers Summit. "This stuff is applied research at its best from the savviest investigators in e-crime research from academe and industry."
Lorrie Cranor, associate research professor of computer science at Carnegie Mellon, is general chair for the conference, and Markus Jakobsson, associate professor of informatics at Indiana University, is program chair. For more information, visit www.ecrimeresearch.org/2007/program.html.
Press representatives interested in registering and attending the eCRS can send their inquiries to firstname.lastname@example.org.