US computer scientists have unveiled an online game designed to teach surfers how to recognise phishing attacks and other web scams.
Designed by a team at Carnegie Mellon University, the game features a fish called 'Phil'.
Tests at the Carnegie Usable Privacy and Security (Cups) Laboratory found that people who spent 15 minutes playing the Anti-Phishing Phil game were better able to identify fraudulent websites than people who spent the same amount of time reading traditional anti-phishing tutorials.
"We believe that education is essential if people are to avoid being ripped-off by phishing attacks and similar online scams," said Cups Lab director Lorrie Cranor.
"Unlike viruses or spyware, phishing attacks do not exploit weaknesses in hardware or software, but take advantage of the way people use computers and their often-limited knowledge of the way computers work."
Steve Sheng, a Ph.D. student in Carnegie Mellon's Engineering and Public Policy Department, and lead developer of Anti-Phishing Phil, added: "We designed the game to teach people how to use web addresses, or URLs, to identify phishing sites. The tactic can also be useful in analysing suspicious email messages."
In addition to Cranor and Sheng, Anti-Phishing Phil developers include Carnegie Mellon faculty members Jason Hong and Alessandro Acquisti, and students Bryant Magnien and Ponnurangam Kumaraguru.
As part of ongoing field tests, the researchers asked surfers to visit the Anti-Phishing Phil site and click on the 'Play the game!' link. Participants will be asked to take a short quiz, play the game and then take another quiz.
Those who leave their email address and participate in a follow-up quiz a week later will be eligible for a raffle prize of a $100 Amazon gift card.
Kicking Palantir off of AWS is among their demands, too
Rafaela Vasquez was watching The Voice at the time of the crash, new evidence shows
PUBG price slashed on Steam after selling more than 50 million copies - as daily player numbers plunge
Use the same password for every website? It might be time to change them all