Proceedings of the SIGCHI Conference on Human Factors in Computing Systems
Do security toolbars actually prevent phishing attacks?
Proceedings of the SIGCHI Conference on Human Factors in Computing Systems
Why Johnny can't encrypt: a usability evaluation of PGP 5.0
SSYM'99 Proceedings of the 8th conference on USENIX Security Symposium - Volume 8
The Emperor's New Security Indicators
SP '07 Proceedings of the 2007 IEEE Symposium on Security and Privacy
Improving security decisions with polymorphic and audited dialogs
Proceedings of the 3rd symposium on Usable privacy and security
Anti-Phishing Phil: the design and evaluation of a game that teaches people not to fall for phish
Proceedings of the 3rd symposium on Usable privacy and security
You've been warned: an empirical study of the effectiveness of web browser phishing warnings
Proceedings of the SIGCHI Conference on Human Factors in Computing Systems
On the Effectiveness of Techniques to Detect Phishing Sites
DIMVA '07 Proceedings of the 4th international conference on Detection of Intrusions and Malware, and Vulnerability Assessment
Browser interfaces and extended validation SSL certificates: an empirical study
Proceedings of the 2009 ACM workshop on Cloud computing security
The Wi-Fi privacy ticker: improving awareness & control of personal information exposure on Wi-Fi
Proceedings of the 12th ACM international conference on Ubiquitous computing
Data type based security alert dialogs
CHI '11 Extended Abstracts on Human Factors in Computing Systems
Helping Johnny 2.0 to encrypt his Facebook conversations
Proceedings of the Eighth Symposium on Usable Privacy and Security
Hi-index | 0.00 |
When browsing the Internet, users are likely to be exposed to security and privacy threats -- like fraudulent websites. Automatic browser mechanisms can protect them only to some extent. In other situations it is still important to raise the users' security awareness at the right moment. Passive indicators are mostly overlooked and blocking warnings are quickly dismissed by habituated users. In this work, we present a new concept of warnings that appear in-context, right next to data the user has just entered. Those dialogs are displayed whenever critical data types -- e.g. credit card data -- are entered by the users into online forms. Since they do not immediately interrupt the users' interaction but appear right in the users' focus, it is possible to place important security information in a way that it can be easily seen. We implemented the concept as a Firefox plugin and evaluated it in a row of studies including two lab studies, one focus group and one real world study. Results show that the concept is very well accepted by the users and that with the plugin, especially non-expert participants were more likely to identify fraudulent (or phishing) websites than using the standard browser warnings. Besides this, we were able to gather interesting findings on warning usage.