[Updated 5th May 2013]
Unlike the authors of some security books I could mention, I don’t suffer from the misconception that I’m the only writer worth reading in the areas of interest covered by this blog, though the list of my own writings below is pretty long. Of course, there are many articles (etc) by other people referenced in the articles below. Here are a couple of ‘external’ resources I referred to in a blog today. I’ll try to find time to add some more sooner rather than later, and eventually I’ll probably break them out into two resources pages: one for my stuff, one for the ‘external’ stuff.
- This is a paper on Anonymity and Pseudonymity in Cyberspace: Deindividuation, Incivility and Lawlessness Versus Freedom and Privacy that I first saw him present at EICAR some 15 years ago, and that I’ve had occasion to cite in my own papers and articles many times since. It’s an excellent introduction to some key psychological and ethical concepts.
- thatsnonsense.com is a site I only came across today, but it bears further examination.
[Updated 8th March 2013, and very much a work in progress]
This page links to other hoax/scam/spam-related information sites, relevant papers and articles, and so on. The resources below are all written or co-written by me.
- Origin of the Specious: the Evolution of Misinformation: Welcome to the Web 2.0 incarnation of the Misinformation Superhighway. Did you really think that hoaxing had died out? By David Harley, February 2013
- Whatever Happened to the Unlikely Lads? A Hoaxing Metamorphosis: This paper traces the evolution of email-borne chain letters, from crude virus hoaxes to guilt-tripping semi-hoaxes, and examines both their (generally underestimated) impact on enterprises and individuals, and possible mitigations. First published in Virus Bulletin 2009 Conference Proceedings.* By David Harley and Randy Abrams
- Common Hoaxes and Chain Letters: a paper for ESET
- Phish Phodder: Is User Education Helping or Hindering: a paper for Virus Bulletin’s 2007 conference by Andrew Lee and myself
- Online Shopping and a Phishing Pheeding Phrenzy: Phishing scams old and new, and some ways to recognize the baited hook before you bite off more than you can chew. By David Harley and Urban Schrott, October 2012
- PC ‘Tech Support’ Cold-Call Scam Resources: specialist resource page on the blog at AVIEN.
- Hanging on the Telephone: As if fake anti-virus products weren’t bad enough, nowadays we have unsolicited phone-calls from fake AV helpdesks. By David Harley, Urban Schrott and Jan Zeleznak, February 2011
- FUD and Blunder: Tracking PC Support Scams: Presented at the Cybercrime Forensics Education & Training Conference in September 2012, this paper looks at the support scam problem from a forensic point of view. By David Harley, Martijn Grooten, Craig Johnston and Steven Burn.
- My PC has 32,539 errors: how telephone support scams really work: Presented at the Virus Bulletin 2012 conference in September, this is a comprehensive consideration of the ongoing evolution of the PC telephone support scam. First published in Virus Bulletin 2012 Conference Proceedings.* By David Harley, Martijn Grooten, Steven Burn and Craig Johnston
- Living the Meme: By David Harley, February 2012. A comment piece on how apparently innocuous Facebook games might be used as part of a data aggregation attack. Originally published in Virus Bulletin, February 2012.*
- Ten Ways to Dodge CyberBullets: Reloaded: An updated version of the paper “Ten Ways to Dodge CyberBullets”, addressing the question “what are the top 10 things that people can do to protect themselves against malicious activity?” By David Harley, December 2011
- Malware, Marketing and Education: Soundbites or Sound Practice?: This paper considers the practical, strategic and ethical issues that arise when the security industry augments its marketing role by taking civic responsibility for the education of the community as a whole. First presented at AVAR 2009 in Kyoto, and published in the Conference Proceedings. By David Harley and Randy Abrams
- People Patching: Is User Education Of Any Use At All?: Presents the arguments for and against education as an antimalware tool, and how to add end users as an extra layer of protection in a defense-in-depth strategy. AVAR Conference 2008. By Randy Abrams and David Harley
- Teach Your Children Well – ICT Security and the Younger Generation: Research based on surveys in Belgium and the UK on teenage understanding of internet security issues. First published in 2005 Virus Bulletin Conference Proceedings.* By David Harley, Eddy Willems, and Judith Harley
- The Internet Book of the Dead: This paper is a mock interview between Dan Damon, of BBC radio, and David Harley, discussing the complications of a digital world when someone passes away. January 2010.

*Copyright is held by Virus Bulletin Ltd, but the paper is made available on this site for personal use free of charge by permission of Virus Bulletin.