UCL Discovery
UCL home » Library Services » Electronic resources » UCL Discovery

Presenting Suspicious Details in User-Facing E-mail Headers Does Not Improve Phishing Detection

Zheng, Sarah; Becker, Ingolf; (2022) Presenting Suspicious Details in User-Facing E-mail Headers Does Not Improve Phishing Detection. In: Proceedings of the Eighteenth Symposium on Usable Privacy and Security (SOUPS 2022). USENIX Association: Boston, MA, USA. Green open access

[thumbnail of Becker_efs_manuscript.pdf]
Preview
Text
Becker_efs_manuscript.pdf - Accepted Version

Download (738kB) | Preview

Abstract

Phishing requires humans to fall for impersonated sources. Sender authenticity can often be inferred from e-mail header information commonly displayed by e-mail clients, such as sender and recipient details. People may be biased by convincing e-mail content and overlook these details, and subsequently fall for phishing. This study tests whether people are better at detecting phishing e-mails when they are only presented with user-facing e-mail headers, instead of full emails. Results from a representative sample show that most phishing e-mails were detected by less than 30% of the participants, regardless of which e-mail part was displayed. In fact, phishing detection was worst when only e-mail headers were provided. Thus, people still fall for phishing, because they do not recognize online impersonation tactics. No personal traits, e-mail characteristics, nor URL interactions reliably predicted phishing detection abilities. These findings highlight the need for novel approaches to help users with evaluating e-mail authenticity.

Type: Proceedings paper
Title: Presenting Suspicious Details in User-Facing E-mail Headers Does Not Improve Phishing Detection
Event: Eighteenth Symposium on Usable Privacy and Security (SOUPS 2022)
Location: Boston, MA
Dates: 7 Aug 2022 - 9 Aug 2022
Open access status: An open access version is available from UCL Discovery
Publisher version: https://www.usenix.org/conference/soups2022/presen...
Language: English
Additional information: This version is the author accepted manuscript. It is made available under a Creative Commons Attribution 4.0 International (CC BY 4.0) Licence (https://creativecommons.org/licenses/by/4.0/).
UCL classification: UCL > Provost and Vice Provost Offices > UCL BEAMS > Faculty of Engineering Science
UCL > Provost and Vice Provost Offices > UCL BEAMS > Faculty of Engineering Science > Dept of Security and Crime Science
UCL > Provost and Vice Provost Offices > UCL BEAMS
UCL
URI: https://discovery.ucl.ac.uk/id/eprint/10150548
Downloads since deposit
74Downloads
Download activity - last month
Download activity - last 12 months
Downloads by country - last 12 months

Archive Staff Only

View Item View Item