Deception Detection: Study of Information Manipulation through Electronic Identity Theft-Email Forgery in the U.S. Military

Abstract

This research describes the results of a field experiment which examines the effects of warnings on system trust and individual awareness in government computer systems through the use of email forgery. The experiment consisted of forging a trusted government email account and trying to get government computer users to reply to a forged email address. The results revealed that warning individuals about possible email forgery did not increase their awareness or reduce their level of system thrust in the email system nor did it increase their ability to detect email forgery. The results did determine that government computer users are extremely vulnerable to email forgery and that new security measures need to be adapted to protect these systems from this type of threat. The culmination of this effort was to support the use of email authentication through the use of the new common access card (i.e., smart card or CAC) by the military. Recommendations to implement effective email authentication and encryption capabilities.