According to researchers at the University of Plymouth, technology companies are not doing enough to protect users from phishing. Even though users need to ensure their awareness of threats that risk their personal and sensitive information to scammers--tech companies are capable of doing more to ensure an extra layer of protection.
In the Plymouth's Centre for Security, Communications and Network (CSCAN), academics have assessed the effectiveness of filters employed for phishing detection by various email service providers.They first used two sets of messages sent to the victim accounts, that utilizes email content retrieved from archives of reported phishing. They then studied which mailbox it was placed in within email accounts as well as if there is any explicitly labelling to denote suspicious or malicious indication.
"The poor performance of most providers implies they either do not employ filtering based on language content, or that it is inadequate to protect users. Given users' tendency to perform poorly at identifying malicious messages this is a worrying outcome. The results suggest an opportunity to improve phishing detection in general, but the technology as it stands cannot be relied upon to provide anything other than a small contribution in this context,” says Professor Steven Furnell, leader of CSCAN.
Learn more about the rise in phishing scams:
"Phishing has now been a problem for over a decade and a half. Unfortunately, just like malware, it's proven to be the cyber security equivalent of an unwanted genie that we can't put back in the bottle. Despite many efforts to educate users and provide safeguards, people are still falling victim. Our study shows the technology can identify things that we would ideally want users to be able to spot for themselves -- but while there is a net, it clearly has big holes."
Source: Science Daily