@inproceedings{c98273d443204050925ab20727d7e085,
title = "Judging Phishing under Uncertainty: How Do Users Handle Inaccurate Automated Advice?",
abstract = "Providing accurate and actionable advice about phishing emails is challenging. The majority of advice is generic and hard to implement. Phishing emails that pass through filters and land in user inboxes are usually sophisticated and exploit differences between how humans and computers interpret emails. Therefore, users need accurate and relevant guidance to take the right action. This study investigates the effectiveness of guidance based on features extracted from emails, which even in AI-driven systems can sometimes be inaccurate, leading to poor advice. We examined three conditions: control (generic advice), perfect advice, and realistic advice, through an online survey of 489 participants on Prolific, and measured user accuracy and confidence in phishing detection with and without guidance. Our findings indicate that having advice specific to the email is more effective than generic guidance (control). Inaccuracies in the guidance can also impact user decisions and reduce detection accuracy.",
keywords = "Attack Detection, Phishing, Security, User Guidance",
author = "Tarini Saka and Kalliopi Vakali and Jenkins, \{Adam D.G.\} and Nadin Kokciyan and Kami Vaniea",
note = "Publisher Copyright: {\textcopyright} 2025 Copyright held by the owner/author(s).; 2025 CHI Conference on Human Factors in Computing Systems, CHI 2025 ; Conference date: 26-04-2025 Through 01-05-2025",
year = "2025",
month = apr,
day = "26",
doi = "10.1145/3706598.3714267",
language = "English",
series = "Conference on Human Factors in Computing Systems",
publisher = "Association for Computing Machinery",
pages = "1--18",
booktitle = "CHI 2025 - Proceedings of the 2025 CHI Conference on Human Factors in Computing Systems",
address = "United States",
}