How Experts Detect Phishing Scam Emails

Wash, Rick

doi:10.1145/3415231

Cited by 42 publications

(28 citation statements)

References 35 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…When judging the safety of a URL, experts generally have more experience and data sources to draw from but at the end they look for discrepancies in the data and their expectations [84]. They can collect the data using tools like WHOIS (ICANN's domain lookup) to learn about the registered domain owner or understand the implications of a links up-time and popularity.…”

Section: Take Down Policymentioning

confidence: 99%

“…Humans are the last point of defense for organizations as detecting phishing emails requires humans awareness of the context in which they received the phishing message, such as who they expect to receive the message from and which website they expect to visit [84]. Experts, for example, identify phishing emails by hovering over links, looking at sender emails address, and other technical information of the email; they typically learn to look at these features from training materials [84]. Training average users to identify phishing messages is a common approach which is often combined with automatic detection [9,12,43,74].…”

Section: User Trainingmentioning

confidence: 99%

See 1 more Smart Citation

I Don’t Need an Expert! Making URL Phishing Features Human Comprehensible

Althobaiti

Meng

Vaniea

2021

Proceedings of the 2021 CHI Conference on Human Factors in Computing Systems

View full text Add to dashboard Cite

Judging the safety of a URL is something that even security experts struggle to do accurately without additional information. In this work, we aim to make experts' tools accessible to non-experts and assist general users in judging the safety of URLs by providing them with a usable report based on the information professionals use. We designed the report by iterating with 8 focus groups made up of end users, HCI experts, and security experts to ensure that the report was usable as well as accurately interpreted the information. We also conducted an online evaluation with 153 participants to compare different report-length options. We find that the longer comprehensive report allows users to accurately judge URL safety (93% accurate) and that summaries still provide benefit (83% accurate) compared to domain highlighting (65% accurate).

show abstract

Section: Take Down Policymentioning

confidence: 99%

Section: User Trainingmentioning

confidence: 99%

I Don’t Need an Expert! Making URL Phishing Features Human Comprehensible

Althobaiti

Meng

Vaniea

2021

Proceedings of the 2021 CHI Conference on Human Factors in Computing Systems

View full text Add to dashboard Cite

show abstract

“…However, despite the ‘availability of myriads anti-phishing systems, phishing continues unabated due to inadequate detection of a zero-day attack, superfluous computational overhead and high false rates’ [ 30 , p.1]. Moreover, in their research, Wash [ 50 ] found that while technical protections against phishing reduce the number of phishing emails received, they are not perfect. This could be because individual’s phishing susceptibility may be shaped by recent phishing encounters and, more importantly, that the effect of new experience on susceptibility will be heterogeneous among users [ 9 , p.1].…”

Section: Introductionmentioning

confidence: 99%

“…This could be because individual’s phishing susceptibility may be shaped by recent phishing encounters and, more importantly, that the effect of new experience on susceptibility will be heterogeneous among users [ 9 , p.1]. To better understand the cognitive process that end users can use to identify phishing messages, Wash [ 50 ] interviewed number of IT experts about where they successfully identified emails as phishing in their own inboxes. The problem is ‘the variety of phishing attacks is very broad, and usage of novel, more sophisticated methods complicate its automated filtering’ [ 33 , p.1].…”

Section: Introductionmentioning

confidence: 99%

How Good Are We at Detecting a Phishing Attack? Investigating the Evolving Phishing Attack Email and Why It Continues to Successfully Deceive Society

2022

View full text Add to dashboard Cite

Phishing attacks are on the increase. The fact that our ways of living, studying and working have drastically changed as a result of the COVID pandemic (i.e., almost everything being done online) has created many new cyber security concerns. In particular, with the move to remote working, the number of phishing emails threatening employees has increased. The 2020 Phishing Attack Landscape Report (Greathorn: 2020 Phishing attack landscape. https://info.greathorn.com/report-2020-phishing-attack-landscape/, 2020) highlights a sharp increase in the frequency of attempted phishing attacks. In this paper, we are interested in how the phishing email attack has evolved to this very threatening state. In detail, we explore the current phishing attack characteristics especially the growing challenges that have emerged as a result of the COVID-19 pandemic. The paper documents a study that presented test participants with five different categories of emails (including phishing and non phishing) . The findings from the study show that participants, generally, found it difficult to detect modern phishing email attacks. Saying that, participants were alert to the spelling mistakes of the older phishing email attacks, sensitive information being requested from them and any slight change to what they were normally used to from an email. Moreover, we have found that people were not confident, worried and often dissatisfied with the current technologies available to protect them against phishing emails. In terms of trust, these feelings alerted us to the increasing severity of the phishing attack situation and just how vulnerable society has become/ still is.

show abstract

“…Yet, all phishing emails with links can be identified through the URL behind each link. However, [23] showed that most people are not aware of this and [3] demonstrated that people have problems reading URLs correctly.…”

Section: Introductionmentioning

confidence: 99%

SMILE - Smart eMaIl Link Domain Extractor

Mossano

Berens

Heller

et al. 2022

Lecture Notes in Computer Science

View full text Add to dashboard Cite

Phishing over email continues to be a significant threat, as such messages still end up in users’ inboxes. Several studies showed that users rarely check the URL in the statusbar before clicking a link and that they have difficulties reading URLs. To support users, we propose SMILE (Smart eMaIl Link domain Extractor), a novel approach that provides the relevant information to distinguish between legitimate and phishing emails checking the links in them. Once applied, SMILE modifies all links in an email to contain the domain and top-level-domain of the URL behind them, e.g., “Click here” in an legitimate Amazon email is modified to “Click here [amazon.com]”.

show abstract

How Experts Detect Phishing Scam Emails

Cited by 42 publications

References 35 publications

I Don’t Need an Expert! Making URL Phishing Features Human Comprehensible

I Don’t Need an Expert! Making URL Phishing Features Human Comprehensible

How Good Are We at Detecting a Phishing Attack? Investigating the Evolving Phishing Attack Email and Why It Continues to Successfully Deceive Society

SMILE - Smart eMaIl Link Domain Extractor

Contact Info

Product

Resources

About