ACE Seminar: The Effectiveness of Telephone Phishing Scams and Possible Solutions

Speaker: Prof Adam Doupé

Date/Time: 06-Jun-2017, 16:00 UTC

Venue: MPEB 1.02

Details

Abstract

Telephone spam costs United States consumers around $8.6 billion annually. In 2014, the Federal Trade Commission has received over 22 million complaints of illegal and wanted calls. Clearly there are many  complaints about telephone scams, but are they really effective? And if so, what factors increase the effectiveness of the scams? This talk will present the results of a phishing experiment that we carried out involving 3,000 phishing telephone calls. We find that spoofing the caller ID greatly increases the effectiveness of telephone phishing. Due to technical reasons, the caller ID is trivially spoofed. We then propose an authentication scheme that provides the possibility of a security indicator for the caller ID service (similar to the browser’s “green lock” security indicator). We argue that standardization is necessary to protect users and prevent them from falling victim to phone impersonation scams, as well as provide a foundation for future defenses to stop unwanted calls based on the caller ID information.

Bio

Dr. Adam Doupé is an Assistant Professor in the School of Computing, Informatics, and Decision Systems Engineering (CIDSE) at Arizona State University. Prior to joining Arizona State University, he received MS (2009) and PhD (2014) degrees in Computer Science from UC Santa Barbara. His research interests include vulnerability analysis, web security, mobile security, network security, and hacking competitions. He was awarded the Best Teacher Award and Outstanding Assistant Professor Award in the Fulton Schools of Engineering at ASU in 2017, and he received the NSF CAREER award in 2017.

Add to Calendar

This page was last modified on 27 Mar 2014.