We present the design and evaluation of PhishDuck, an anti-phishing tool for email clients. Phishduck presents a interfaces to users if they click on suspicious emails, and helps guide them towards making safe decisions. We present two different interfaces, a warning interface and a redundancy interface. In our user study, we found that the Phishduck warning interface was statistically significantly better than the warning in
Mozilla Thunderbird, with the participants falling for phish decreasing from 70% to 0%
Is cybersecurity research missing a trick? Integrating insights from the psychology of habit into research and practice.
The idea that people should form positive security habits is gaining increasing attention amongst security...