Conference Paper: “My Religious Aunt Asked Why I Was Trying to Sell Her Viagra: Experiences With Account Hijacking”

Here’s an interesting/informative full text research paper by three Google researchers along with a researcher at Carnegie Mellon University that will be presented at a conference in the Spring.

Title

My Religious Aunt Asked Why I Was Trying to Sell Her Viagra: Experiences With Account Hijacking

Authors

Richard Shay
Carnegie Mellon University
Iulia Ion
Google
Robert W. Reeder
Google
Sunny Consolvo
Google

Source

Proceedings of the SIGCHI Conference on Human Factors in Computing Systems: CHI ’14, ACM, New York, NY, USA (via Robreeder.com)

Abstract

With so much of our lives digital, online, and not entirely under our control, we risk losing access to our communications, reputation, and data. Recent years have brought a rash of high-profile account compromises, but account hijacking is not limited to high-profile accounts. In this paper, we report results of a survey about people’s experiences with and attitudes toward account hijacking. The problem is widespread; 30% of our 294 participants had an email or social networking account accessed by an unauthorized party. Five themes emerged from our results: (1) compromised accounts are often valuable to victims, (2) attackers are mostly unknown, but sometimes known, to victims, (3) users acknowledge some responsibility for keeping their accounts secure, (4) users’ understanding of important security measures is incomplete, and (5) harm from account hijacking is concrete and emotional. We discuss implications for designing security mechanisms to improve chances for user adoptio

Direct to Full Text (10 pages; PDF)

Filed under: Conference Presentations, Data Files, Journal Articles, News, Patrons and Users