Social engineering meets behavioral economics

cybersecurity, social engineering 1 Minute

A recent paper on paying experimental subjects to run potential malware is here [pdf]. Hat tip Bruce Schneier. Money quote (and I mean money):

We show that as the price increased, more and more users who understood the risks ultimately ran the code. We conclude that users are generally unopposed to running programs of unknown provenance, so long as their incentives exceed their inconvenience. 

Published by jlolds

Native Angeleno, professor of Neuroscience and Public Policy at George Mason University

Published