2017
Garaizar, Pablo; Moreno-Fernandez, MM.; Blanco, F.; Matute, Helena
Fighting phishing: Improving users’ awareness about electronic fraud by discriminative training Journal Article
In: Computers in Human Behavior, vol. 69, pp. 421-436, 2017.
Tags: human computer interaction (hci), internet security, phishing
@article{Garaizar2017,
title = {Fighting phishing: Improving users’ awareness about electronic fraud by discriminative training},
author = {Pablo Garaizar and MM. Moreno-Fernandez and F. Blanco and Helena Matute},
url = {https://www.sciencedirect.com/science/article/pii/S074756321630872X},
doi = {10.1016/j.chb.2016.12.044},
year = {2017},
date = {2017-04-01},
booktitle = {Computers in Human Behavior},
journal = {Computers in Human Behavior},
volume = {69},
pages = {421-436},
abstract = {Phishing is a form of electronic fraud in which attackers attempt to steal sensitive information by posing as a legitimate entity. To maintain the attack unnoticed, phishers typically use fake sites that accurately mimic real ones. However, there are usually subtle visual discrepancies between these spoof sites and their legitimate counterparts that may help Internet users to identify their deceptive nature. Among all the potential visual cues, we choose to focus on typography, because it is often hard for phishers to use exactly the same font as in the original website. Thus, Experiment 1 assessed the effectiveness of visual discrimination training to help people detect typographical discrepancies between fake and legitimate websites. Results showed higher sensitivity to differences when undergraduate students were previously trained with easier versions of the discrimination task (i.e., involving more noticeable differences in typography) than when they were trained with the difficult target discrimination from the start (easy-to-hard effect). These results were replicated with a broader and more representative sample of anonymous Internet users in Experiment 2. Implications for the design of strategies to prevent electronic fraud are discussed.
},
keywords = {human computer interaction (hci), internet security, phishing},
pubstate = {published},
tppubtype = {article}
}
2016
Moreno-Fernandez, MM.; Blanco, F.; Garaizar, Pablo; Matute, Helena
Fighting phishing: Improving users’ awareness about electronic fraud by discriminative training. Journal Article
In: vol. 69, pp. 421-436, 2016.
Tags: Discrimination learning, Easy-to-hard effect, human-computer interaction, internet security, Phishing, Visual discrimination
@article{Moreno-Fernandez2016b,
title = {Fighting phishing: Improving users’ awareness about electronic fraud by discriminative training.},
author = {MM. Moreno-Fernandez and F. Blanco and Pablo Garaizar and Helena Matute},
url = {https://www.sciencedirect.com/science/article/pii/S074756321630872X},
doi = {10.1016/j.chb.2016.12.044},
year = {2016},
date = {2016-12-19},
volume = {69},
pages = {421-436},
abstract = {Phishing is a form of electronic fraud in which attackers attempt to steal sensitive information by posing as a legitimate entity. To maintain the attack unnoticed, phishers typically use fake sites that accurately mimic real ones. However, there are usually subtle visual discrepancies between these spoof sites and their legitimate counterparts that may help Internet users to identify their deceptive nature. Among all the potential visual cues, we choose to focus on typography, because it is often hard for phishers to use exactly the same font as in the original website. Thus, Experiment 1 assessed the effectiveness of visual discrimination training to help people detect typographical discrepancies between fake and legitimate websites. Results showed higher sensitivity to differences when undergraduate students were previously trained with easier versions of the discrimination task (i.e., involving more noticeable differences in typography) than when they were trained with the difficult target discrimination from the start (easy-to-hard effect). These results were replicated with a broader and more representative sample of anonymous Internet users in Experiment 2. Implications for the design of strategies to prevent electronic fraud are discussed.
},
keywords = {Discrimination learning, Easy-to-hard effect, human-computer interaction, internet security, Phishing, Visual discrimination},
pubstate = {published},
tppubtype = {article}
}