This Could Happen to You: Reasons for Clicking on Ransomware-Infected Links and Attachments

Thursday, January 19, 2017

11:00 AM - 12:00 PM PST

60 minutes, including Q&A

This Could Happen to You: Reasons for Clicking on Ransomware-Infected Links and Attachments by Zinaida Benenson
Real-time, Unified Endpoint Protection by SentinelOne

Ransomware has become a serious problem for organizations. Social engineering methods that persuade users to execute the fatal click on an infected link or an attachment has been getting more and more sophisticated, making defense especially difficult. In this talk, I will discuss user involvement in protection measures. Why do some users seem to be immune to educational attempts? What is the feasible level of defense that we can expect from motivated and security-aware people? Unsafe security behavior is driven by natural and indispensable human time-saving heuristics, such as judging the trustworthiness of a message by whether its content and context fit the expectations of the user. Moreover, habituation and emotional state also play an important role. I will argue that by careful design and timing of a message, it should be possible to make virtually any person click. I will further discuss that knowing more about security decisions of non-expert users can help defenders in devising more efficient security solutions without setting unrealistic expectations on security behavior of people.

Brought to you by:



Zinaida Benenson

Zinaida Benenson

Zinaida Benenson is a Senior Researcher at the University of Erlangen-Nuremberg, Germany, where she leads the Human Factors in Security and Privacy Group. Her research interests include usability, risk perception and decision making in security and privacy, and also security and privacy issues in the Internet of Things. Zinaida received her PhD from the University of Mannheim, Germany, on the topic of cryptographic access control protocols.

Sponsor Presenter:

Gary Mello

Gary Mello

Gary Mello is the Director of Solutions Architecture at SentinelOne where he is responsible for managing all technical initiatives for the Western United States. Gary has over 15 years of Cyber Security experience and previously worked for Proofpoint, McAfee/Intel, Carbon Black/Bit9, Imprivata, and Juniper Networks.

Sustaining Partners