F for fake: four studies on how we fall for phish

Blythe, Mark, Petrie, Helen and Clark, John (2011) F for fake: four studies on how we fall for phish. In: CHI 2011 (ACM Conference on Human Factors in Computing Systems), 7-8 May 2011, Vancouver, Canada.

Full text not available from this repository. (Request a copy)
Official URL: http://dx.doi.org/10.1145/1978942.1979459


This paper reports findings from a multi-method set of four studies that investigate why we continue to fall for phish. Current security advice suggests poor spelling and grammar in emails can be signs of phish. But a content analysis of a phishing archive indicates that many such emails contain no obvious spelling or grammar mistakes and often use convincing logos and letterheads. An online survey of 224 people finds that although phish are detected approximately 80% of the time, those with logos are significantly harder to detect. A qualitative interview study was undertaken to better understand the strategies used to identify phish. Blind users were selected because it was thought they may be more vulnerable to phishing attacks, however they demonstrated robust strategies for identifying phish based on careful reading of emails. Finally an analysis was undertaken of phish as a literary form. This identifies the main literary device employed as pastiche and draws on critical theory to consider why security based pastiche may be currently very persuasive.

Item Type: Conference or Workshop Item (Paper)
Subjects: W200 Design studies
Department: Faculties > Arts, Design and Social Sciences > Design
Related URLs:
Depositing User: Ellen Cole
Date Deposited: 13 Dec 2012 14:13
Last Modified: 12 Oct 2019 19:35
URI: http://nrl.northumbria.ac.uk/id/eprint/10648

Actions (login required)

View Item View Item


Downloads per month over past year

View more statistics