Susceptibility of university students to fake email requesting their password
Study: Ask and Ye Shall Receive: A Study in Social Engineering
Date: April 1996
336 computer science students at the University of Sydney were sent an email message asking them to supply their password to `validate' the password database after a suspected breakin.
However, very few attempts were made to report the message to the university authorities.
Date: April 1996
336 computer science students at the University of Sydney were sent an email message asking them to supply their password to `validate' the password database after a suspected breakin.
 | returned a valid password |
| returned a plausible looking but invalid password |
| changed their passwords without official prompting in the two weeks following the experiment. |
However, very few attempts were made to report the message to the university authorities.