My Writing

• Risk Management Why Computer Users Don't Install Security Patches
  Users focus on web and mobile applications, not OS internals—they won't remember to patch. Give up educating people to install patches manually; updates must be completely automated without user...
• Risk Management How Information Security Professionals Are Different
• Social Networking The Use of Fake or Fraudulent LinkedIn Profiles
  Fake LinkedIn profiles have been used in targeted attacks to establish contact with employees and in bank guarantee scams. Security researchers like Thomas Ryan demonstrated how easily fictitious...
• Social Networking Scams and Malicious Activities Using the LinkedIn Website
  Scammers use linkedin.com as a URL redirector to malicious sites, post fraudulent job listings recruiting money mules, and send 419 scams through LinkedIn Inbox. LinkedIn's reputation lends...
• Social Networking The Potential for Malicious Ads on linkedin.com
  LinkedIn's ad platform allows targeting users with ads linking to arbitrary URLs, yet no confirmed malvertising incidents have occurred. Possible reasons include the relatively high minimum cost per...
• Social Networking Exploring LinkedIn Look-Alike Email Spam Campaigns
  LinkedIn-themed spam effectively distributes malicious links because users are conditioned to receive and click LinkedIn emails—often without visiting the site directly. Campaigns have led to exploit...