Markus Jakobsson


When friendly 'from' names become enemies

How friendly email from names, smartphones, and social media create a perfect opportunity for social engineering scams.

Mobile password security by the numbers

ITworld.com – Passwords are everywhere. We are not allowed to reuse passwords. We must not forget them. We must constantly change them -- and avoid reusing components in order to bolster security -- which of course increases the...

Career planning: So you want to be a researcher

ITworld.com – This is written with the goal to help students and junior researchers, and is the type of advice I give students and junior colleagues when I coach them. Of course, not everybody works the same way. This might be good...

Looking for malware in all the wrong places?

Anti-virus products scan for malware in two ways. They look for sequences of bits that are found in programs that are known to be bad (but which are not commonly found in good programs). And they run programs in sandboxes and look...

Will mobile payments usher in a new era of crime?

PARC – Amazon.com used to only sell books, which are hard for criminals to resell. Then they added electronics, jewelry, and much more -- which made them a more attractive target for fraud. Now, with the recent news that they...

Predicting the future of fraud

PARC – We are not paying enough attention to how to defend against fraud. That is: against existing fraud. When it comes to likely future fraud, we are pathetic. It is hardly an exaggeration to say that nothing is done at...

How to design a security education campaign

When possible, security threats should be addressed using improved technology or by policy changes, but sometimes, neither of those approaches works. When we cannot change how things work, we have to change what people do. We need...

Auto-detecting malware? It's possible

It's nearly impossible for anti-virus protectors to keep up with the pace of malware – producing descriptions of what that malware looks or acts like – around the clock, especially with forty thousand new and unique malware instances...

Fear mobile malware

Online criminals have many tools for committing fraud and theft, including phishing and, increasingly, malware. Malware (e.g., viruses) can steal your passwords from keyboards or GUIs, scour your computer for sensitive account...

Experimenting on Mechanical Turk: 5 How Tos

Performing human-subjects experiments on Amazon Mechanical Turk offers many benefits, including very low experiment costs, quick turn-around rates, and relatively simple approvals from human subjects boards. But you have to be...

Sarah Palin goes the way of Paris Hilton

Wednesday, it was reported that VP candidate Sarah Palin's Yahoo account was hacked by a perpetrator wishing to find incriminating information in her emails. It was not done using some strange computer security vulnerability. It was...

Load More