Phil makes anti-phishing education child's play

Researchers create game to raise awareness.

Researchers at Carnegie Mellon University have created an interactive game designed to teach players how to identify phishing URLs and how to be aware of phishing dangers and fraudulent websites when navigating the Internet.

The phishy game features, appropriately enough, a fish called Phil, who lives in 'Interweb Bay' and whose task is to identify URLs (represented by swimming worms) as good (edible) or bad (non-edible). The game's developers claim that, in tests, people who spent 15 minutes playing 'Anti-phishing Phil' were better able to identify phony websites than those who spent 15 minutes participating in more traditional anti-phishing tutorials.

The Nemo-esque Phil and friends will certainly appeal to younger web users, although the game's developers pitch their product as an entertaining way to educate employees or customers - and one wonders exactly how employees and customers will feel being asked to participate in a somewhat pedestrian game whose graphics resemble a child's cartoon. However, the use of the game in schools could certainly prove to be a successful strategy.

A preview version of Anti-Phishing Phil is available at http://cups.cs.cmu.edu/antiphishing_phil/ and, in collaboration with Portugal Telecom, a Portuguese version of the game ('Anti-Phishing Ze' - which appears to feature a bright green frog in place of the fish) is also available.

Anti-Phishing Phil