Phishing Countermeasures

Aaron Emigh, Radix Partners

Stevenson Hall 1300
12:00 PM - 12:50 PM

"Phishing" is a form of identity theft in which deception is used to trick a user into revealing confidential information with economic value. Phishing was responsible forat least $1.2 billion in direct losses last year. Starting with a threat model based on theinformation flow of a phishing attack, this presentation evaluates technical countermeasures applicable at each chokepoint to detect phishing, reduce the deceptiveness of fraudulent content, provide a trusted path over the public internet and render illicitly obtained information valueless. A combination of applied cryptographictechniques has the potential to dramatically reduce the losses due to phishing and otherforms of identity theft.