Houston is the soon-to-be third largest city in the nation and it is home to countless organizations, big companies and institutions. All have an online component, even more so now than before the pandemic placed nearly every aspect of our lives into the digital sphere.
Rakesh Verma, Ph.D., a UH expert in such matters, said, "An attacker is always trying to defeat your methods of keeping information safe and private." Several National Science Foundation-funded projects in Verma's lab are attempting to determine data sets and best ways to combat phishing, a particularly harmful method of stealing a user’s information.
These projects, in particular one called "Scholarships for Service," helps to pay a student's way through UH's cybersecurity focus in Computer Science or related disciplines in exchange for the student working in the government (local, state, federal or tribal) cybersecurity environment for a few years after college. Working for the government is one way these students can give back after having their education financed, as the FBI is extremely clear on the fact that other governments are trying to elucidate secret intelligence from our country.
Said Christopher Wray, the head of the FBI in 2020: "If you think these issues are just an intelligence issue, or a government problem, or a nuisance largely just for big corporations who can take care of themselves—you could not be more wrong." In fact, Verma is a member of the FBI's Infragard, a network of academicians, officials and industry giants who are attempting to protect our country from outside threats.
Emails that say your account has been compromised, or that a certain website needs you to reverify your credentials are, more often than not, trying to scam the user. They result in having your password and, consequently all your personal information, stolen. "This is the fundamental thing the hacker is trying to accomplish," said Verma. Right now, you may need to "click a link" which takes you to the malware site that steals your information but hackers are getting ever more sophisticated – even as cybersecurity has become more sophisticated.
PhishBench is a tool Verma has worked on helping to create that is an educational resource for people who are trying to write anti-phishing software. This framework is considered a "detector" because it determines what are the features of a data set that can distinguish phishing emails from authentic emails. The associated dataset created in Verma's lab has already been publicly shared with over 150 researchers from all over the world, from more than 15 different countries. Additionally, Verma has a cybersecurity company in the works, which would be Houston-based and would help secure the mountains of data from being obtained and used fraudulently.