A preview of the PDF is not available
Security Education against Phishing: A Modest Proposal for a Major Rethink
Abstract and Figures
User education must focus on challenging and correcting the misconceptions that guide current user behavior. To date, user education on phishing has tried to persuade them to check URLs and a number of other indicators, with limited success. The authors evaluate a novel antiphishing tool in a realistic setting—participants had to buy tickets under time pressure and lost money if they bought from bad sites. Although none of the participants bought from sites the tool clearly identified as bad, 40 percent risked money with sites flagged as potentially risky, but offering bargains. When tempted by a good deal, participants didn't focus on the warnings; rather, they looked for signs they thought confirmed a site's trustworthiness.
Figures - uploaded by Angela Sasse
All figure content in this area was uploaded by Angela Sasse
Content may be subject to copyright.