Enhancing Phishing Defenses: The Impact of Timing and Explanations in Warnings for Email Clients
Greco F.;Desolda G.;Buono P.;Piccinno A.
2025-01-01
Abstract
Phishing attacks remain a significant risk to digital security because they exploit human vulnerabilities rather than those of computer systems. To limit the effectiveness of this threat, this paper explores new strategies for designing the warnings shown to users when a suspicious phishing email is encountered. A controlled experiment with 900 participants investigated the impact of two factors on warning effectiveness: the warning activation timing (before or after the email is opened) and the presence of an explanation message in the warning. The results indicate that warnings displayed after users have read the content of the email significantly reduce click-through rates and are therefore more effective at preventing phishing. The presence of an explanation also led to a lower click-through rate. Nevertheless, for emails that are false positives, warnings without explanations and simpler warnings may still be necessary. These findings are presented as lessons learned that can drive the design of more effective warning systems.


