Free Online Productivity Tools
i2Speak
i2Symbol
i2OCR
iTex2Img
iWeb2Print
iWeb2Shot
i2Type
iPdf2Split
iPdf2Merge
i2Bopomofo
i2Arabic
i2Style
i2Image
i2PDF
iLatex2Rtf
Sci2ools
CHI
2008
ACM
2008
ACM
You've been warned: an empirical study of the effectiveness of web browser phishing warnings
Many popular web browsers now include active phishing warnings since research has shown that passive warnings are often ignored. In this laboratory study we examine the effectiveness of these warnings and examine if, how, and why they fail users. We simulated a spear phishing attack to expose users to browser warnings. We found that 97% of our sixty participants fell for at least one of the phishing messages that we sent them. However, we also found that when presented with the active warnings, 79% of participants heeded them, which was not the case for the passive warning that we tested--where only one participant heeded the warnings. Using a model from the warning sciences we analyzed how users perceive warning messages and offer suggestions for creating more effective phishing warnings. Author Keywords Phishing, warning messages, mental models, usable privacy and security ACM Classification Keywords
Real-time TrafficActive Phishing Warnings | CHI 2008 | Effective Phishing Warnings | Human Computer Interaction | Passive Warnings |
| Added | 30 Nov 2009 |
| Updated | 30 Nov 2009 |
| Type | Conference |
| Year | 2008 |
| Where | CHI |
| Authors | Serge Egelman, Lorrie Faith Cranor, Jason I. Hong |
Comments (0)
Researcher Info
|
