Facebook accounts are secured against unauthorized access through passwords and device-level security. Those , however, may not be sufficient to prevent social insider attacks, where attackers know their victims, and gain access to a victim’s account by interacting directly with their device. Continue reading “Social Insider Attacks on Facebook”
Social Insider Attacks on Facebook
“I’m too Busy to Reset my LinkedIn Password”
A common security practice used to deal with a password breach is locking user accounts and sending out an email to tell users that they need to reset their password to unlock their account. This paper evaluates the effectiveness of this security practice based on the password reset email that LinkedIn sent out around May 2016, and through an online survey conducted on 249 LinkedIn users who received that email. Our evaluation shows that only about 46% of the participants reset their passwords. Continue reading ““I’m too Busy to Reset my LinkedIn Password””
Going After Vulnerable Population to Defend It
The orthodox paradigm to defend against automated social-engineering attacks in large-scale socio-technical systems is reactive and victim-agnostic. Defenses generally focus on identifying the attacks/attackers (e.g., phishing emails, social-bot infiltrations, malware offered for download). To change the status quo, we propose in our paper presented at NSPW ’16 to identify, even if imperfectly, the vulnerable user population, that is, the users that are likely to fall victim to such attacks. Once identified, information about the vulnerable population can be used in two ways. Continue reading “Going After Vulnerable Population to Defend It”
Collaborative Study of Snooping on Mobile Phones Gets SOUPS Award
SOUPS ’16 paper on the prevalence of snooping on mobile phones has received Distinguished Paper award. The paper reports a series of quantitative studies that allowed a more accurate measurement of this phenomena. The study was led by our collaborators at the University of Lisbon. It was inspired by our previous study presented at Mobile CHI ’13. Continue reading “Collaborative Study of Snooping on Mobile Phones Gets SOUPS Award”
Sharing Health Information on Facebook Among Americans
Motivated by the benefits, people have used a variety of web-based services to share health information (HI) online. Among these services, Facebook, which enjoys the largest population of active subscribers, has become a common place for sharing various types of HI. Continue reading “Sharing Health Information on Facebook Among Americans”