Projects per year
Abstract / Description of output
When people identify potential malicious phishing emails one option they have is to contact a help desk to report it and receive guidance. While there is a great deal of effort put into helping people identify such emails and to encourage users to report them, there is relatively little understanding of what people say or ask when contacting a help desk about such emails. In this work, we qualitatively analyze a random sample of 270 help desk phishing tickets collected across nine months. We find that when reporting or asking about phishing emails, users often discuss evidence they have observed or gathered, potential impacts they have identified, actions they have or have not taken, and questions they have. Some users also provide clear arguments both about why the email really is phishing and why the organization needs to take action about it.
Original language | English |
---|---|
Title of host publication | Proceedings 2023 Symposium on Usable Security and Privacy (USEC) |
Publisher | The Internet Society |
Pages | 1-13 |
Number of pages | 13 |
ISBN (Electronic) | 1891562916 |
DOIs | |
Publication status | Published - 27 Feb 2023 |
Event | Symposium on Usable Security and Privacy (USEC) 2023 - San Diego, United States Duration: 27 Feb 2023 → … https://www.ndss-symposium.org/ndss-program/usec-symposium-2023/ |
Symposium
Symposium | Symposium on Usable Security and Privacy (USEC) 2023 |
---|---|
Country/Territory | United States |
City | San Diego |
Period | 27/02/23 → … |
Internet address |
Keywords / Materials (for Non-textual outputs)
- Phishing
- Security and privacy
- phishing awareness
Fingerprint
Dive into the research topics of '“I didn’t click”: What users say when reporting phishing'. Together they form a unique fingerprint.Projects
- 1 Finished
-
REPHRAIN: Research centre on Privacy, Harm Reduction and Adversarial Influence online
Elahi, T., Nissen, B. & Vaniea, K.
1/10/20 → 30/09/22
Project: Research