TORPEDO: TOoltip-poweRed Phishing Email DetectiOn

Volkamer, Melanie; Renaud, Karen; Reinheimer, Benjamin

doi:10.1007/978-3-319-33630-5_12

Cited by 13 publications

(4 citation statements)

References 32 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Much current research focuses on counteracting biases and on shifting the Internet user to engage System 2 thinking and encourage a slower, rational, more controlled response. For example, TORPEDO deactivates links for a few seconds to encourage closer inspection of the email 19 . An additional factor that may affect the processing of information is when it is received, how the information is presented and the presence of other sensory information.…”

Section: Phishing Interventionsmentioning

confidence: 99%

Slow down and frown to improve phishing detection

Nevin¹,

Renaud²,

Finney³

2022

Computer Fraud & Security

Self Cite

View full text Add to dashboard Cite

The move to ‘digital first’ has led to increasing dependence on online services, which increases susceptibility to security incidents. 1 Human behaviours can compromise organisational information security, with myriad perpetrators willing to exploit the human propensity to trust in order to achieve such compromises. 2 Phishing emails – which present recipients with an email containing a fraudulent link or a rogue attachment that can lead to the installation of malware or facilitate a ransomware attack – are a key attack vector. But encouraging users to slow down when processing emails can help combat this threat.

show abstract

Section: Phishing Interventionsmentioning

confidence: 99%

Slow down and frown to improve phishing detection

Nevin¹,

Renaud²,

Finney³

2022

Computer Fraud & Security

Self Cite

View full text Add to dashboard Cite

show abstract

“…Research on phishing tends to fall into four categories: (1) solutions that detect and block phishing links and content with minimum or no user intervention [6], [7]; (2) phishing awareness/training approaches that aim to equip users with the required knowledge to defend themselves [8], [9]; (3) approaches that support users to detect phishing attacks by providing security cues [10]; and (4) studies that aim to determine user susceptibility to phishing by analysing their behaviours [11]. Our work falls within the scope of the latter, so this section will provide an overview of research in this area, focusing on the mobile context.…”

Section: Literature Reviewmentioning

confidence: 99%

Understanding Phishing in Mobile Instant Messaging: A Study into User Behaviour Toward Shared Links

Ahmad

Terzis

2022

Human Aspects of Information Security and Assurance

View full text Add to dashboard Cite

In recent years, users of Mobile Instant Messaging (MIM) apps like WhatsApp and Telegram are being targeted by phishing attacks. While user susceptibility to phishing in other media is well studied, the literature currently lacks studies on phishing susceptibility in MIM apps. This paper presents a study that offers the first insights into the susceptibility of users of MIM apps to phishing by investigating their behaviour towards shared links. Using an online survey, we collected data from 111 users of MIM apps and found that participants frequently click and forward links during instant messaging, while factors such as the user's relationship with the sender and the group context of the communication influence these behaviours. The results show that behaviours of most users towards shared links try to reduce their risk to phishing by trusting their friends, family and colleagues to protect them. This raises some interesting questions for further research on the effectiveness and reliability of their strategy.

show abstract

“…Clicking on unsafe links in emails Notice: TORPEDO pops up a message to inform the person of how risky the link is [150]. Liu et al [151] gathers information from social networking users to warn people about unsafe websites.…”

Section: Phishingmentioning

confidence: 99%

Ethical guidelines for nudging in information security & privacy

Renaud

Zimmermann

2018

International Journal of Human-Computer Studies

Self Cite

View full text Add to dashboard Cite

There has recently been an upsurge of interest in the deployment of behavioural economics techniques in the information security and privacy domain. In this paper, we consider first the nature of one particular intervention, the nudge, and the way it exercises its influence. We contemplate the ethical ramifications of nudging, in its broadest sense, deriving general principles for ethical nudging from the literature. We extrapolate these principles to the deployment of nudging in information security and privacy. We explain how researchers can use these guidelines to ensure that they satisfy the ethical requirements during nudge trials in information security and privacy. Our guidelines also provide guidance to ethics review boards that are required to evaluate nudge-related research.

show abstract

TORPEDO: TOoltip-poweRed Phishing Email DetectiOn

Cited by 13 publications

References 32 publications

Slow down and frown to improve phishing detection

Slow down and frown to improve phishing detection

Understanding Phishing in Mobile Instant Messaging: A Study into User Behaviour Toward Shared Links

Ethical guidelines for nudging in information security & privacy

Contact Info

Product

Resources

About