Issue No. 02 - March/April (2008 vol. 6)
DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/MSP.2008.52
Nathaniel Johnson , Indiana University
Markus Jakobsson , Palo Alto Research Center
Peter Finn , Indiana University
The authors argue that user studies are vital in order to improve our understanding of online fraud and other sociotechnical security problems. They then provide an overview of common approaches and describe how to carry out the approach that they believe results in the most accurate measurements, the so-called naturalistic phishing experiment. They give examples of such experiments, and illustrate ethical and technical issues that may arise for such experiments.
deceit, debriefing, ethics, experiment, fraud, naturalistic, phishing, subject-expectancy bias
Nathaniel Johnson, Markus Jakobsson, Peter Finn, "Why and How to Perform Fraud Experiments", IEEE Security & Privacy, vol. 6, no. , pp. 66-68, March/April 2008, doi:10.1109/MSP.2008.52