Does Domain Highlighting Help People Identify Phishing Sites?

Lin, E., Greenberg, S., Trotter, E., Ma, D. and Aycock, J. (2011)
Does Domain Highlighting Help People Identify Phishing Sites? In Proceedings of the ACM Conference on Human Factors in Computing Systems - ACM CHI'2011. (Vancouver, Canada), ACM Press, 10 pages, May 7-12. Includes scripted slide deck. Earlier version as Report 2010-978-27 (pdf).

View Publication and Related Materials

PDF PaperPDF Paper (2011-DomainHighlighting.CHI.pdf)
PowerPoint PresentationPowerPoint Presentation (2011-DomainHighlighting.CHI.pptx)

Abstract

Phishers are fraudsters that mimic legitimate websites to steal user's credential information and exploit that information for identity theft and other criminal activities. Various anti-phishing techniques attempt to mitigate such attacks. Domain highlighting is one such approach recently incorporated by several popular web browsers. The idea is simple: the domain name of an address is highlighted in the address bar, so that users can inspect it to determine a web site's legitimacy. Our research asks a basic question: how well does domain highlighting work? To answer this, we showed 22 participants 16 web pages typical of those targeted for phishing attacks, where participants had to determine the page's legitimacy. In the first round, they judged the page's legitimacy by whatever means they chose. In the second round, they were directed specifically to look at the address bar. We found that participants fell into 3 types in terms of how they determined the legitimacy of a web page; while domain highlighting was somewhat effective for one user type, it was much less effective for others. We conclude that domain highlighting, while providing some benefit, cannot be relied upon as the sole method to prevent phishing attacks.

Bibtex entry

@INPROCEEDINGS { 2011-DomainHighlighting.CHI,
CLASS = { CONFARTICLE },
AUTHOR = { Lin, E. and Greenberg, S. and Trotter, E. and Ma, D. and Aycock, J. },
TITLE = { Does Domain Highlighting Help People Identify Phishing Sites? },
BOOKTITLE = { Proceedings of the ACM Conference on Human Factors in Computing Systems - ACM CHI'2011 },
YEAR = { 2011 },
MONTH = { May 7-12 },
PAGES = { 10 pages },
PUBLISHER = { ACM Press },
ADDRESS = { Vancouver, Canada },
NOTE = { Includes scripted slide deck. Earlier version as Report 2010-978-27 (pdf) },
}