A newly announced Google Faculty Research award will fund a research project on developing better phishing warnings co-led by School of Information assistant professor Florian Schaub. Phishing attacks trick victims into clicking malicious email links to get them to disclose sensitive information such as personal data and passwords, or install malware.
Building on prior work, Schaub says this project will design new phishing warnings that guide users’ attention to a link’s underlying URL and help them evaluate whether the link is safe to click.
“To help people avoid falling for phishing attempts, common advice is to ‘check the URL before you click a link,’ but that’s actually not well supported in today’s email clients,” explains Schaub. “The onus is on the user to figure out whether or not a link in an email poses a security risk, which can be quite difficult.”