Publication | Closed Access
Do security toolbars actually prevent phishing attacks?
551
Citations
11
References
2006
Year
Unknown Venue
Internet SecurityEngineeringUsable SecurityInformation SecurityWeb SecuritySecurity AwarenessUser ExperienceSecurityDo Security ToolbarsSocial Engineering (Security)Security ToolbarsWeb BrowserPhishingSecurity-related InformationData Security
Security toolbars display security‑related information to help users detect phishing attacks, but their usability and effectiveness in preventing users from providing personal information must be evaluated. The study involved two user experiments comparing three security toolbars and other browser security indicators, assessing their effectiveness in preventing phishing attacks. The studies revealed that all tested toolbars were ineffective, with many users ignoring or dismissing warnings and lacking understanding of phishing sophistication.
Security toolbars in a web browser show security-related information about a website to help users detect phishing attacks. Because the toolbars are designed for humans to use, they should be evaluated for usability -- that is, whether these toolbars really prevent users from being tricked into providing personal information. We conducted two user studies of three security toolbars and other browser security indicators and found them all ineffective at preventing phishing attacks. Even though subjects were asked to pay attention to the toolbar, many failed to look at it; others disregarded or explained away the toolbars' warnings if the content of web pages looked legitimate. We found that many subjects do not understand phishing attacks or realize how sophisticated such attacks can be.
| Year | Citations | |
|---|---|---|
Page 1
Page 1