Peering into the Phish Bowl: An Analysis of Real-World Phishing Cues
Lorenzo Neil, Shanee Dawkins, Jody Jacobs, Julia Sharp
Organizations use simulated phishing awareness train-ing exercises to help users identify, detect, and defend against the ever-changing phishing threat landscape. Realistic phishing emails are used to test users' ability to spot a phish from visible cues. However, there are no metrics aimed at classifying the saliency of these visual cues. In this research, we analyzed different types of cues present in real-world phishing emails. The most common cues and cue types are presented, along with the frequency of their use in real-world phishing emails.
Proceedings of the Nineteenth Symposium on Usable Privacy and Security
August 6-8, 2023
Anaheim, CA, US
Nineteenth Symposium on Usable Privacy and Security
, Dawkins, S.
, Jacobs, J.
and Sharp, J.
Peering into the Phish Bowl: An Analysis of Real-World Phishing Cues, Proceedings of the Nineteenth Symposium on Usable Privacy and Security, Anaheim, CA, US, [online], https://tsapps.nist.gov/publication/get_pdf.cfm?pub_id=956178
(Accessed September 26, 2023)