The pervasiveness of phishing signals the insufficiency of current measures. Through a multidisciplinary approach, we conducted an eye-tracking study on how and where users look when they have to classify an email as phishing or legitimate. Furthermore, we investigated whether there is a difference between expert and non-expert subjects. The study showed firstly, better performance in recognising phishing emails by experts. Secondly, eye movement data showed the use of different email inspection methods between experts and non-experts. This could open up scenarios in the area of the improvement of training courses and the development of more intuitive email client interfaces in the suggestion of important clues in the recognltion of phishing emails.
Investigating Gaze Behavior in Phishing Email Identification
Ventre, Giorgio;Zinno, Stefania;Mancuso, Laura;Presta, Roberta
2023-01-01
Abstract
The pervasiveness of phishing signals the insufficiency of current measures. Through a multidisciplinary approach, we conducted an eye-tracking study on how and where users look when they have to classify an email as phishing or legitimate. Furthermore, we investigated whether there is a difference between expert and non-expert subjects. The study showed firstly, better performance in recognising phishing emails by experts. Secondly, eye movement data showed the use of different email inspection methods between experts and non-experts. This could open up scenarios in the area of the improvement of training courses and the development of more intuitive email client interfaces in the suggestion of important clues in the recognltion of phishing emails.I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.
