Will users ever smarten up about phishing?

Phishing researchers will congregate at Carnegie Mellon University Oct. 4-5 to debate whether users ever will get a clue about the dangers of phishing, among other issues pertaining to online crime.

Also on the agenda of the second annual Anti-Phishing Working Group's eCrime Researchers Summit will be presentations and discussion about the security threats posed by online multiplayer games. Security expert Gary McGraw will present a keynote address on the subject (Read our recent interview with McGraw.) McGraw recently co-authored a book called Exploiting Online Games that examines how cheaters are winning at such online role-playing games such World of Warcraft, where millions of players compete in the virtual world to win battles or treasure that sometimes is sold later to avid game players for real money.

Also on the schedule will be a panel discussion of the potential for phishing-oriented, political dirty tricks online during the 2008 presidential election campaign season.

As for whether user education has an impact on reducing security breaches and phishing attacks, the jury is out. Papers presented at the event will include:

* Anti-Phishing Phil: The design and evaluation of a game that teaches people not to fall for phish

* CANTINA: A content-based approach to detecting phishing Web sites.

* You've been warned: An empirical study of the effectiveness of Web browser phishing warnings

* Phoolproof phishing prevention

Check out Network World's Alpha Doggs blog for the latest in networking research at universities and other labs.