Phishing emails continue to be a major cause of cybersecurity breaches despite the development of technical measures designed to thwart these attacks. Most phishing studies have investigated desktop email platforms, but the use of mobile devices for email exchanges has soared in recent years, especially amongst young adults. In this paper, we explore how the digital platform (desktop vs. mobile) influences users’ phish detection strategies. Twenty-one young adults (18-25 years) were asked to rate the legitimacy of emails using a live inbox test while using a think-aloud protocol on both platforms. Our results suggest that a lack of knowledge about key defence information on the mobile platform results in weak phish detection. We discuss the implications of these findings and offer design recommendations to support effective phish detection by smartphone users.
|Number of pages||22|
|Journal||Proceedings of the ACM on Human-Computer Interaction|
|Publication status||Accepted/In press - 17 Jun 2022|
|Event||MobileHCI 2022: The ACM International Conference on Mobile Human-Computer Interaction - Vancouver, Canada|
Duration: 28 Sep 2022 → 1 Oct 2022