{"id":"https://openalex.org/W4415390439","doi":"https://doi.org/10.1016/j.cose.2025.104682","title":"\u201cI believe it\u2019s incredibly difficult to fight against this flood of spam\u201d: Towards enhancing strategies for creating effective vulnerability notifications","display_name":"\u201cI believe it\u2019s incredibly difficult to fight against this flood of spam\u201d: Towards enhancing strategies for creating effective vulnerability notifications","publication_year":2025,"publication_date":"2025-10-21","ids":{"openalex":"https://openalex.org/W4415390439","doi":"https://doi.org/10.1016/j.cose.2025.104682"},"language":"en","primary_location":{"id":"doi:10.1016/j.cose.2025.104682","is_oa":true,"landing_page_url":"https://doi.org/10.1016/j.cose.2025.104682","pdf_url":null,"source":{"id":"https://openalex.org/S12529635","display_name":"Computers & Security","issn_l":"0167-4048","issn":["0167-4048","1872-6208"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310320990","host_organization_name":"Elsevier BV","host_organization_lineage":["https://openalex.org/P4310320990"],"host_organization_lineage_names":["Elsevier BV"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Computers &amp; Security","raw_type":"journal-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":true,"oa_status":"hybrid","oa_url":"https://doi.org/10.1016/j.cose.2025.104682","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5069244869","display_name":"Anne Hennig","orcid":"https://orcid.org/0000-0002-6964-589X"},"institutions":[],"countries":[],"is_corresponding":true,"raw_author_name":"Anne Hennig","raw_affiliation_strings":[],"raw_orcid":"https://orcid.org/0000-0002-6964-589X","affiliations":[]},{"author_position":"middle","author":{"id":"https://openalex.org/A5071188442","display_name":"Maxime Fabian Veit","orcid":"https://orcid.org/0000-0001-8140-8953"},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Maxime Veit","raw_affiliation_strings":[],"raw_orcid":"https://orcid.org/0000-0001-8140-8953","affiliations":[]},{"author_position":"middle","author":{"id":"https://openalex.org/A5117767827","display_name":"Leoni Schmidt-Enke","orcid":null},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Leoni Schmidt-Enke","raw_affiliation_strings":[],"raw_orcid":null,"affiliations":[]},{"author_position":"middle","author":{"id":"https://openalex.org/A5012605149","display_name":"Fabian Neusser","orcid":null},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Fabian Neusser","raw_affiliation_strings":[],"raw_orcid":null,"affiliations":[]},{"author_position":"middle","author":{"id":"https://openalex.org/A5038751937","display_name":"Dominik Herrmann","orcid":"https://orcid.org/0000-0002-7374-3054"},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Dominik Herrmann","raw_affiliation_strings":[],"raw_orcid":"https://orcid.org/0000-0002-7374-3054","affiliations":[]},{"author_position":"last","author":{"id":"https://openalex.org/A5033826310","display_name":"Peter Mayer","orcid":"https://orcid.org/0000-0002-6267-4874"},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Peter Mayer","raw_affiliation_strings":[],"raw_orcid":"https://orcid.org/0000-0002-6267-4874","affiliations":[]}],"institutions":[],"countries_distinct_count":0,"institutions_distinct_count":6,"corresponding_author_ids":["https://openalex.org/A5069244869"],"corresponding_institution_ids":[],"apc_list":{"value":3190,"currency":"USD","value_usd":3190},"apc_paid":{"value":3190,"currency":"USD","value_usd":3190},"fwci":0.0,"has_fulltext":false,"cited_by_count":0,"citation_normalized_percentile":{"value":0.42389268,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":null,"biblio":{"volume":"160","issue":null,"first_page":"104682","last_page":"104682"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.9997000098228455,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.9997000098228455,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11644","display_name":"Spam and Phishing Detection","score":0.9995999932289124,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9975000023841858,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/framing","display_name":"Framing (construction)","score":0.6100000143051147},{"id":"https://openalex.org/keywords/vulnerability","display_name":"Vulnerability (computing)","score":0.567300021648407},{"id":"https://openalex.org/keywords/communication-source","display_name":"Communication source","score":0.513700008392334},{"id":"https://openalex.org/keywords/flood-myth","display_name":"Flood myth","score":0.5133000016212463},{"id":"https://openalex.org/keywords/harm","display_name":"Harm","score":0.3995000123977661},{"id":"https://openalex.org/keywords/notification-system","display_name":"Notification system","score":0.2833999991416931}],"concepts":[{"id":"https://openalex.org/C108827166","wikidata":"https://www.wikidata.org/wiki/Q175975","display_name":"Internet privacy","level":1,"score":0.6176999807357788},{"id":"https://openalex.org/C169087156","wikidata":"https://www.wikidata.org/wiki/Q2131593","display_name":"Framing (construction)","level":2,"score":0.6100000143051147},{"id":"https://openalex.org/C95713431","wikidata":"https://www.wikidata.org/wiki/Q631425","display_name":"Vulnerability (computing)","level":2,"score":0.567300021648407},{"id":"https://openalex.org/C198104137","wikidata":"https://www.wikidata.org/wiki/Q974688","display_name":"Communication source","level":2,"score":0.513700008392334},{"id":"https://openalex.org/C74256435","wikidata":"https://www.wikidata.org/wiki/Q134052","display_name":"Flood myth","level":2,"score":0.5133000016212463},{"id":"https://openalex.org/C144133560","wikidata":"https://www.wikidata.org/wiki/Q4830453","display_name":"Business","level":0,"score":0.4659000039100647},{"id":"https://openalex.org/C39549134","wikidata":"https://www.wikidata.org/wiki/Q133080","display_name":"Public relations","level":1,"score":0.41819998621940613},{"id":"https://openalex.org/C2777363581","wikidata":"https://www.wikidata.org/wiki/Q15098235","display_name":"Harm","level":2,"score":0.3995000123977661},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.3935000002384186},{"id":"https://openalex.org/C2779011373","wikidata":"https://www.wikidata.org/wiki/Q3962191","display_name":"Notification system","level":2,"score":0.2833999991416931},{"id":"https://openalex.org/C2776654903","wikidata":"https://www.wikidata.org/wiki/Q2601463","display_name":"SAFER","level":2,"score":0.2754000127315521},{"id":"https://openalex.org/C56995899","wikidata":"https://www.wikidata.org/wiki/Q1126687","display_name":"Focus group","level":2,"score":0.2721000015735626},{"id":"https://openalex.org/C2776544517","wikidata":"https://www.wikidata.org/wiki/Q189447","display_name":"Unexpected events","level":2,"score":0.25040000677108765}],"mesh":[],"locations_count":2,"locations":[{"id":"doi:10.1016/j.cose.2025.104682","is_oa":true,"landing_page_url":"https://doi.org/10.1016/j.cose.2025.104682","pdf_url":null,"source":{"id":"https://openalex.org/S12529635","display_name":"Computers & Security","issn_l":"0167-4048","issn":["0167-4048","1872-6208"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310320990","host_organization_name":"Elsevier BV","host_organization_lineage":["https://openalex.org/P4310320990"],"host_organization_lineage_names":["Elsevier BV"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Computers &amp; Security","raw_type":"journal-article"},{"id":"pmh:oai:sdu.dk:openaire/8d4cb1b8-ea9c-467b-a836-67a7b4325378","is_oa":true,"landing_page_url":"https://portal.findresearcher.sdu.dk/da/publications/8d4cb1b8-ea9c-467b-a836-67a7b4325378","pdf_url":null,"source":{"id":"https://openalex.org/S4306400423","display_name":"University of Southern Denmark Research Portal (University of Southern Denmark)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I177969490","host_organization_name":"University of Southern Denmark","host_organization_lineage":["https://openalex.org/I177969490"],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Hennig, A, Veit, M, Schmidt-Enke, L, Neusser, F, Herrmann, D & Mayer, P 2026, '\u201cI believe it's incredibly difficult to fight against this flood of spam\u201d : Towards enhancing strategies for creating effective vulnerability notifications', Computers and Security, vol. 160, 104682. https://doi.org/10.1016/j.cose.2025.104682","raw_type":"info:eu-repo/semantics/publishedVersion"}],"best_oa_location":{"id":"doi:10.1016/j.cose.2025.104682","is_oa":true,"landing_page_url":"https://doi.org/10.1016/j.cose.2025.104682","pdf_url":null,"source":{"id":"https://openalex.org/S12529635","display_name":"Computers & Security","issn_l":"0167-4048","issn":["0167-4048","1872-6208"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310320990","host_organization_name":"Elsevier BV","host_organization_lineage":["https://openalex.org/P4310320990"],"host_organization_lineage_names":["Elsevier BV"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Computers &amp; Security","raw_type":"journal-article"},"sustainable_development_goals":[],"awards":[{"id":"https://openalex.org/G3158822066","display_name":null,"funder_award_id":"16KIS1113","funder_id":"https://openalex.org/F4320321114","funder_display_name":"Bundesministerium f\u00fcr Bildung und Forschung"}],"funders":[{"id":"https://openalex.org/F4320320876","display_name":"Helmholtz-Gemeinschaft","ror":"https://ror.org/0281dp749"},{"id":"https://openalex.org/F4320321114","display_name":"Bundesministerium f\u00fcr Bildung und Forschung","ror":"https://ror.org/04pz7b180"},{"id":"https://openalex.org/F4320325698","display_name":"Helmholtz Association","ror":null}],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":48,"referenced_works":["https://openalex.org/W1602619638","https://openalex.org/W2081430061","https://openalex.org/W2083700439","https://openalex.org/W2088135512","https://openalex.org/W2099697766","https://openalex.org/W2104806923","https://openalex.org/W2120106329","https://openalex.org/W2153635621","https://openalex.org/W2182467309","https://openalex.org/W2330194958","https://openalex.org/W2518868606","https://openalex.org/W2564812877","https://openalex.org/W2601447320","https://openalex.org/W2605429828","https://openalex.org/W2752929869","https://openalex.org/W2788256404","https://openalex.org/W2794740256","https://openalex.org/W2896498448","https://openalex.org/W2913650309","https://openalex.org/W2947292565","https://openalex.org/W2949643954","https://openalex.org/W3094617583","https://openalex.org/W3103256304","https://openalex.org/W3126285618","https://openalex.org/W3183341016","https://openalex.org/W3199256509","https://openalex.org/W4200071117","https://openalex.org/W4230669233","https://openalex.org/W4231853065","https://openalex.org/W4232898285","https://openalex.org/W4233210494","https://openalex.org/W4235045181","https://openalex.org/W4236793616","https://openalex.org/W4238996902","https://openalex.org/W4239223340","https://openalex.org/W4245149829","https://openalex.org/W4247143791","https://openalex.org/W4288057715","https://openalex.org/W4304701207","https://openalex.org/W4308764956","https://openalex.org/W4315746341","https://openalex.org/W4323349041","https://openalex.org/W4376626867","https://openalex.org/W4385256934","https://openalex.org/W4394683777","https://openalex.org/W4399147191","https://openalex.org/W4402047017","https://openalex.org/W4403137248"],"related_works":[],"abstract_inverted_index":{"Identifying":[0],"the":[1,37,64,95,100,117,142,216,240,257,290],"most":[2],"effective":[3,28],"and":[4,30,36,70,104,123,194,222],"scalable":[5],"methods":[6],"for":[7,76,200,225,243],"notifying":[8,120],"website":[9,160,246],"owners":[10,161,247],"about":[11],"compromises":[12],"or":[13,183,252,282,289],"vulnerabilities":[14,129],"remains":[15],"an":[16],"enduring":[17],"challenge.":[18],"Although":[19],"some":[20,264],"success":[21],"factors":[22],"have":[23],"been":[24],"identified,":[25],"results":[26],"regarding":[27],"senders":[29,69,193],"notification":[31,61,74,89,113,202,295],"framing":[32,105],"are":[33,263],"often":[34],"inconsistent,":[35],"understanding":[38],"of":[39,66,73,97,102,119,141,219,259],"how":[40,226],"recipients":[41],"perceive":[42],"vulnerability":[43],"notifications":[44,174,227],"is":[45],"still":[46],"limited.":[47],"Heading":[48],"towards":[49],"a":[50,55,84,108,138,197,250,260],"better":[51],"understanding,":[52],"we":[53,154],"conducted":[54,155],"3":[56,58],"\u00d7":[57],"randomized":[59],"controlled":[60],"experiment,":[62,114],"examining":[63],"impact":[65],"three":[67,71],"distinct":[68],"variations":[72],"framings":[75],"n=581":[77],"compromised":[78,121],"German":[79],"websites.":[80,167],"Our":[81],"findings":[82],"revealed":[83],"promising":[85],"trend:":[86],"receiving":[87],"any":[88],"significantly":[90],"increased":[91],"remediation":[92,268],"compared":[93],"to":[94,130,146,213,238,248,266],"absence":[96],"one.":[98],"Remarkably,":[99],"choice":[101],"sender":[103],"played":[106],"only":[107],"minor":[109],"role":[110],"in":[111,233,256],"our":[112,173],"which":[115],"underscores":[116],"importance":[118,232],"websites":[122,144],"should":[124,208,276],"motivate":[125],"those":[126],"who":[127,162],"find":[128],"take":[131],"action.":[132],"Yet,":[133],"despite":[134],"these":[135],"encouraging":[136,245],"results,":[137],"staggering":[139],"58%":[140],"notified":[143],"failed":[145],"remediate.":[147],"To":[148],"delve":[149],"deeper":[150],"into":[151],"this":[152],"phenomenon,":[153],"follow-up":[156],"interviews":[157],"with":[158],"42":[159],"did":[163],"not":[164],"remediate":[165],"their":[166,231],"The":[168],"insights":[169],"were":[170,175],"revealing:":[171],"while":[172],"delivered,":[176],"many":[177],"interviewees":[178],"admitted":[179],"they":[180],"either":[181],"overlooked":[182],"dismissed":[184],"them":[185],"as":[186],"spam.":[187],"This":[188],"pattern":[189],"persisted":[190],"across":[191],"different":[192],"framings,":[195],"highlighting":[196],"critical":[198],"challenge":[199],"future":[201,206,274],"campaigns.":[203,296],"Moving":[204],"forward,":[205],"research":[207],"focus":[209],"on":[210],"finding":[211],"ways":[212],"cut":[214],"through":[215],"overwhelming":[217],"amount":[218],"daily":[220],"\u201cspam\u201d":[221],"explore":[223],"strategies":[224,237],"can":[228],"effectively":[229],"convey":[230],"recipients\u2019":[234],"inboxes.":[235],"Exploring":[236],"raise":[239],"general":[241],"awareness":[242],"cybersecurity,":[244],"provide":[249],"security.txt,":[251],"providing":[253],"additional":[254],"assistance":[255],"form":[258],"self-service":[261],"tool,":[262],"proposals":[265],"increase":[267],"rates.":[269],"We":[270],"further":[271],"recommend":[272],"that":[273],"work":[275],"consider":[277],"theories":[278],"from":[279],"communication":[280],"science":[281],"psychology,":[283],"e.g.,":[284],"Protection":[285],"Motivation":[286],"Theory":[287],"(PMT)":[288],"Elaboration-Likelihood":[291],"Model,":[292],"when":[293],"designing":[294]},"counts_by_year":[],"updated_date":"2026-03-27T05:58:40.876381","created_date":"2025-10-22T00:00:00"}