A Gaze-Based Analysis of Human Detection of Email Phishing

Phishing attacks continue to pose a significant threat to online security, targeting individuals across various domains. This paper presents an investigation into the eye movements differences exhibited by individuals with varying levels of computer science experience when confronted with phishing attempts. Leveraging advanced eye-tracking tools, our study scrutinized the gaze patterns and response strategies of computer science experts and novices when exposed to simulated phishing email scenarios. Our findings reveal striking disparities in the visual and cognitive processing of phishing content between the two groups. Computer science experts displayed a heightened vigilance, exhibiting more efficient scanning of suspicious elements and quicker recognition of phishing indicators. Conversely, novices exhibited longer fixation times on deceptive elements and were prone to falling for fraudulent schemes. The insights gained from our research hold valuable implications for the development of targeted cybersecurity education and the design of more effective anti-phishing tools and email clients.