ALL CONTENT HAS BEEN NO INDEXED AND IS FOR PORTFOLIO USE ONLY.

We just discovered a great little game called Anti-Phishing Phil (thanks to this blogpost). The game was created by CMU Usable Privacy and Security Laboratory (CUPS). And it has done a pretty good job of turning internet security training into a game.

The game works like this: you are a fish named Phil who lives in the Interweb Bay. While trying to find something to eat, you need to decide which URL addresses, disguised as worms, are edible. If you are successful, you move onto other rounds. If you need any advice on identifying a legitimate URL address, Phil’s Father is there to help you. Good ol’Dad. In between rounds, you get a very clear and concise explanation of your errors and a mini-lesson on typical phishing scams.

What is Phishing?
Phishing is all too common a method of “asking” and tricking info out of unsuspecting account holders. We’ve all seen it – emails urgently asking us for financial info to receive a distant relative’s inheritance, a reputable site’s immediate request of a password change through a link, or frightening security email alerts.

You may think “who’d fall for those scams. Everyone knows how they work.” Well, the sad fact is that phishing is hard to spot for the average Joe. And it really is up to you, the user, to protect yourself. All you need to do is look at the URL of the site you are visiting. Look carefully. If it’s not correct, don’t insert your data.

Many companies have tried to implement some form of an anti-phishing method, to help their users help themselves. All of these techniques can do nothing more than try and grab your attention so that you remember to check that URL – but they can’t do much more than that. Really, it’s up to you.