@misc{10481/101216,
year = {2017},
url = {https://hdl.handle.net/10481/101216},
abstract = {Phishing is a form of electronic fraud in which attackers attempt to steal sensitive information by posing
as a legitimate entity. To maintain the attack unnoticed, phishers typically use fake sites that accurately
mimic real ones. However, there are usually subtle visual discrepancies between these spoof sites and
their legitimate counterparts that may help Internet users to identify their deceptive nature. Among all
the potential visual cues, we choose to focus on typography, because it is often hard for phishers to use
exactly the same font as in the original website. Thus, Experiment 1 assessed the effectiveness of visual
discrimination training to help people detect typographical discrepancies between fake and legitimate
websites. Results showed higher sensitivity to differences when undergraduate students were previously
trained with easier versions of the discrimination task (i.e., involving more noticeable differences in
typography) than when they were trained with the dif cult target discrimination from the start (easy-to-
hard effect). These results were replicated with a broader and more representative sample of anonymous
Internet users in Experiment 2. Implications for the design of strategies to prevent electronic fraud are
discussed.},
organization = {Support for this research was provided by Direccion General de Investigacion of the Spanish Government (Grant No. PSI2016-78818-R).},
publisher = {ELSEVIER},
keywords = {Phishing},
keywords = {Internet security},
keywords = {Easy-to-hard effect},
keywords = {Human-computer interaction},
keywords = {Discrimination learning},
keywords = {Visual discrimination},
title = {Fishing for phishers. Improving Internet users' sensitivity to visual deception cues to prevent electronic fraud},
doi = {10.1016/j.chb.2016.12.044},
author = {Moreno Fernández, María Manuela and Blanco Bregón, Fernando and Garaizar, Pablo and Matute, Helena},
}