magazine
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
NEWS & VIEWS<br />
© Rex<br />
Spyware<br />
tracking sees<br />
dramatic<br />
increase<br />
The use of spyware to track a<br />
partner’s movements, texts and<br />
phone calls is on the rise.<br />
A recent survey by UK domestic<br />
violence charity Women’s Aid found<br />
that 41% of domestic abuse victims<br />
had been the subject of harassment<br />
using electronic devices or spyware<br />
that tracked their movements, calls<br />
or texts.<br />
“We increasingly hear stories of<br />
abusers adding tracking software<br />
to phones, placing spyware on<br />
personal computers and using the<br />
Internet to gather information about<br />
their partner,” says Polly Neate, CEO<br />
of Women’s Aid.<br />
“In many cases the police are not<br />
trained to recognize and understand<br />
the impact of online abuse, including<br />
tracking, and action is rarely taken<br />
against abusers.”<br />
THE TEAM<br />
Three members of the team<br />
behind the Windigo paper<br />
share their stories.<br />
ALEXIS DORAIS-JONCAS<br />
An ESET employee since 2010, Alexis cocreated<br />
the ESET Canada office back in<br />
2011 and is currently security intelligence<br />
team lead. Alexis lists the Festi botnet as<br />
his most hated piece of malware.<br />
Can we predict who will<br />
fall for phishing scams?<br />
By David Harley, Senior Research Fellow, ESET<br />
User profiling is an interesting<br />
approach to countering phishing.<br />
But another – supplementary –<br />
approach would be to analyze the<br />
behavior of the PC user and use that<br />
analysis to flag risky behavior and<br />
attempt some sort of remediation.<br />
One idea in a corporate product<br />
would be to alert not only the user, but<br />
the system administrator, who might<br />
recommend training, for instance. In<br />
a training tool, risky behavior might<br />
be addressed by switching the subject<br />
to a different, more intensive module.<br />
I’d think that would be compatible<br />
with the future research envisaged by<br />
the authors of the paper Keeping Up<br />
With the Joneses: “Assessing Phishing<br />
Susceptibility In An Email Task”<br />
presented by Kyung Wha Hong of North<br />
Carolina State University.<br />
In fact, there’s a great deal of academic<br />
literature out there on susceptibility to<br />
phishing. What is less clear to me is how<br />
you develop a profile while avoiding the<br />
pitfalls of stereotyping through oversimplification<br />
of social representation.<br />
The authors of the “Phishing<br />
Susceptibility” paper seem to have<br />
a profile in mind already. While it’s<br />
unsurprising that dispositional trust<br />
affects susceptibility to phishing,<br />
the study also suggests that gender,<br />
introversion and openness to new<br />
experiences were also a factor.<br />
However, it’s not always clear which<br />
way those factors work – or indeed<br />
how representative the population of<br />
participants (53 American undergrads<br />
aged between 18 and 27) is to the<br />
population as a whole. Meanwhile, the<br />
phishers keep honing their attacks.<br />
MARC-ETIENNE M.LÉVEILLÉ<br />
Marc-Etienne has been a malware<br />
researcher at ESET since 2012 and<br />
says his biggest Internet challenge is<br />
malware that steals money and destroys<br />
documents. Which explains<br />
his interest in Windigo…<br />
SÉBASTIEN DUQUETTE<br />
A computer science graduate from<br />
Université du Québec à Montréal,<br />
Sébastien’s golden rule is ‘keep your<br />
software up to date’. As a malware<br />
researcher for ESET, he says exploit kits<br />
are his biggest pet peeve.<br />
welivesecurity.com 5