{"id":"https://openalex.org/W4393380278","doi":"https://doi.org/10.1109/ecrime61234.2023.10485552","title":"\u201cDo Users Fall for Real Adversarial Phishing?\u201d Investigating the Human Response to Evasive Webpages","display_name":"\u201cDo Users Fall for Real Adversarial Phishing?\u201d Investigating the Human Response to Evasive Webpages","publication_year":2023,"publication_date":"2023-11-15","ids":{"openalex":"https://openalex.org/W4393380278","doi":"https://doi.org/10.1109/ecrime61234.2023.10485552"},"language":"en","primary_location":{"id":"doi:10.1109/ecrime61234.2023.10485552","is_oa":false,"landing_page_url":"https://doi.org/10.1109/ecrime61234.2023.10485552","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2023 APWG Symposium on Electronic Crime Research (eCrime)","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5093382094","display_name":"Ajka Draganovic","orcid":null},"institutions":[{"id":"https://openalex.org/I184656255","display_name":"University of Liechtenstein","ror":"https://ror.org/01qjrx392","country_code":"LI","type":"education","lineage":["https://openalex.org/I184656255"]}],"countries":["LI"],"is_corresponding":false,"raw_author_name":"Ajka Draganovic","raw_affiliation_strings":["University of Liechtenstein"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"University of Liechtenstein","institution_ids":["https://openalex.org/I184656255"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5041727059","display_name":"Savino Dambra","orcid":null},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Savino Dambra","raw_affiliation_strings":["Norton Research Group"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Norton Research Group","institution_ids":[]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5093382095","display_name":"Javier Aldana Iuit","orcid":null},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Javier Aldana Iuit","raw_affiliation_strings":["Avast Software"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Avast Software","institution_ids":[]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5052168623","display_name":"Kevin Roundy","orcid":"https://orcid.org/0000-0002-8285-1647"},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Kevin Roundy","raw_affiliation_strings":["Norton Research Group"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Norton Research Group","institution_ids":[]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5084036967","display_name":"Giovanni Apruzzese","orcid":"https://orcid.org/0000-0002-6890-9611"},"institutions":[{"id":"https://openalex.org/I184656255","display_name":"University of Liechtenstein","ror":"https://ror.org/01qjrx392","country_code":"LI","type":"education","lineage":["https://openalex.org/I184656255"]}],"countries":["LI"],"is_corresponding":false,"raw_author_name":"Giovanni Apruzzese","raw_affiliation_strings":["University of Liechtenstein"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"University of Liechtenstein","institution_ids":["https://openalex.org/I184656255"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":5,"corresponding_author_ids":[],"corresponding_institution_ids":[],"apc_list":null,"apc_paid":null,"fwci":1.2941,"has_fulltext":false,"cited_by_count":3,"citation_normalized_percentile":{"value":0.86412709,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":90,"max":96},"biblio":{"volume":null,"issue":null,"first_page":"1","last_page":"14"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11644","display_name":"Spam and Phishing Detection","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11644","display_name":"Spam and Phishing Detection","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9958000183105469,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11147","display_name":"Misinformation and Its Impacts","score":0.9907000064849854,"subfield":{"id":"https://openalex.org/subfields/3312","display_name":"Sociology and Political Science"},"field":{"id":"https://openalex.org/fields/33","display_name":"Social Sciences"},"domain":{"id":"https://openalex.org/domains/2","display_name":"Social Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/phishing","display_name":"Phishing","score":0.9648622870445251},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7248135805130005},{"id":"https://openalex.org/keywords/web-page","display_name":"Web page","score":0.718027651309967},{"id":"https://openalex.org/keywords/nobody","display_name":"nobody","score":0.648513913154602},{"id":"https://openalex.org/keywords/adversarial-system","display_name":"Adversarial system","score":0.5631086230278015},{"id":"https://openalex.org/keywords/world-wide-web","display_name":"World Wide Web","score":0.4972522556781769},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.46460264921188354},{"id":"https://openalex.org/keywords/internet-privacy","display_name":"Internet privacy","score":0.44676482677459717},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.2542043924331665},{"id":"https://openalex.org/keywords/the-internet","display_name":"The Internet","score":0.20772090554237366}],"concepts":[{"id":"https://openalex.org/C83860907","wikidata":"https://www.wikidata.org/wiki/Q135005","display_name":"Phishing","level":3,"score":0.9648622870445251},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7248135805130005},{"id":"https://openalex.org/C21959979","wikidata":"https://www.wikidata.org/wiki/Q36774","display_name":"Web page","level":2,"score":0.718027651309967},{"id":"https://openalex.org/C36914074","wikidata":"https://www.wikidata.org/wiki/Q1940501","display_name":"nobody","level":2,"score":0.648513913154602},{"id":"https://openalex.org/C37736160","wikidata":"https://www.wikidata.org/wiki/Q1801315","display_name":"Adversarial system","level":2,"score":0.5631086230278015},{"id":"https://openalex.org/C136764020","wikidata":"https://www.wikidata.org/wiki/Q466","display_name":"World Wide Web","level":1,"score":0.4972522556781769},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.46460264921188354},{"id":"https://openalex.org/C108827166","wikidata":"https://www.wikidata.org/wiki/Q175975","display_name":"Internet privacy","level":1,"score":0.44676482677459717},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.2542043924331665},{"id":"https://openalex.org/C110875604","wikidata":"https://www.wikidata.org/wiki/Q75","display_name":"The Internet","level":2,"score":0.20772090554237366}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/ecrime61234.2023.10485552","is_oa":false,"landing_page_url":"https://doi.org/10.1109/ecrime61234.2023.10485552","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2023 APWG Symposium on Electronic Crime Research (eCrime)","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[{"score":0.5199999809265137,"display_name":"Gender equality","id":"https://metadata.un.org/sdg/5"}],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":64,"referenced_works":["https://openalex.org/W1591295894","https://openalex.org/W1883096928","https://openalex.org/W1984487609","https://openalex.org/W2025636081","https://openalex.org/W2028223155","https://openalex.org/W2029470356","https://openalex.org/W2071869991","https://openalex.org/W2084622065","https://openalex.org/W2090907153","https://openalex.org/W2131906261","https://openalex.org/W2136136174","https://openalex.org/W2139565456","https://openalex.org/W2140976335","https://openalex.org/W2142995284","https://openalex.org/W2145876870","https://openalex.org/W2150104072","https://openalex.org/W2150326939","https://openalex.org/W2162532690","https://openalex.org/W2221203134","https://openalex.org/W2278316643","https://openalex.org/W2336566325","https://openalex.org/W2347140731","https://openalex.org/W2469644868","https://openalex.org/W2503228337","https://openalex.org/W2562708975","https://openalex.org/W2568593117","https://openalex.org/W2571747832","https://openalex.org/W2604452528","https://openalex.org/W2741872938","https://openalex.org/W2898624677","https://openalex.org/W2902942389","https://openalex.org/W2915446580","https://openalex.org/W2963767355","https://openalex.org/W2963792772","https://openalex.org/W3003545752","https://openalex.org/W3047462340","https://openalex.org/W3082159171","https://openalex.org/W3106934761","https://openalex.org/W3157391927","https://openalex.org/W3185333550","https://openalex.org/W3189039252","https://openalex.org/W3195189229","https://openalex.org/W3199391345","https://openalex.org/W3212665059","https://openalex.org/W4213379419","https://openalex.org/W4247200422","https://openalex.org/W4283313119","https://openalex.org/W4283653152","https://openalex.org/W4285172164","https://openalex.org/W4307415696","https://openalex.org/W4308411166","https://openalex.org/W4311413020","https://openalex.org/W4378977274","https://openalex.org/W4379528887","https://openalex.org/W4382001444","https://openalex.org/W4388484877","https://openalex.org/W6731703718","https://openalex.org/W6742570696","https://openalex.org/W6782057393","https://openalex.org/W6794959624","https://openalex.org/W6799352735","https://openalex.org/W7000447106","https://openalex.org/W7027067152","https://openalex.org/W7038491112"],"related_works":["https://openalex.org/W1543072206","https://openalex.org/W2065156438","https://openalex.org/W2502265256","https://openalex.org/W2173947718","https://openalex.org/W4388363270","https://openalex.org/W2898696350","https://openalex.org/W2772791208","https://openalex.org/W4381511496","https://openalex.org/W2149202530","https://openalex.org/W2784053798"],"abstract_inverted_index":{"Phishing":[0],"websites":[1,32,91],"are":[2,70,76,151,178],"everywhere,":[3],"and":[4,73,201],"countermeasures":[5],"based":[6],"on":[7,106],"static":[8],"blocklists":[9],"cannot":[10],"cope":[11],"with":[12],"such":[13],"a":[14,98,107,110,159],"threat.":[15],"To":[16],"address":[17],"this":[18,84],"problem,":[19],"state-of-the-art":[20],"solutions":[21],"entail":[22],"the":[23,120,123,138],"application":[24],"of":[25,40,126],"machine":[26],"learning":[27],"(ML)":[28],"to":[29,57,78,116],"detect":[30],"phishing":[31,63,90,108,155,194],"by":[33,153,181],"checking":[34],"if":[35,119],"they":[36],"visually":[37],"resemble":[38],"webpages":[39,156,168,195],"well-known":[41],"brands.":[42],"These":[43],"techniques":[44],"have":[45],"achieved":[46],"promising":[47],"results":[48],"in":[49,61],"research":[50],"and,":[51],"consequently,":[52],"some":[53,74,165],"security":[54],"companies":[55],"began":[56],"deploy":[58],"them":[59],"also":[60],"their":[62,204],"detection":[64],"systems":[65],"(PDS).":[66],"However,":[67],"ML":[68],"methods":[69],"not":[71,114],"perfect":[72],"samples":[75],"bound":[77],"bypass":[79],"even":[80],"production-grade":[81],"PDS.":[82,161],"In":[83],"paper,":[85],"we":[86,135,143],"scrutinize":[87],"whether":[88,145],"genuine":[89],"that":[92,130,157,164,196],"evade":[93],"commercial":[94],"ML-based":[95],"PDS":[96],"represent":[97],"problem":[99],"\u201cin":[100],"reality\u201d.":[101],"Although":[102],"nobody":[103],"likes":[104],"landing":[105],"webpage,":[109],"false":[111],"negative":[112],"may":[113],"lead":[115],"serious":[117],"consequences":[118],"users":[121,147],"(i.e.,":[122],"actual":[124],"target":[125],"phishing)":[127],"can":[128,169],"recognize":[129],"\u201csomething":[131],"is":[132,186],"phishy\u201d.":[133],"Practically,":[134],"carry":[136],"out":[137],"first":[139],"user-study":[140],"(N=126)":[141],"wherein":[142],"assess":[144],"unsuspecting":[146],"(having":[148],"diverse":[149],"backgrounds)":[150],"deceived":[152],"\u201cadversarial\u201d":[154],"evaded":[158],"real":[160],"We":[162],"found":[163],"well-crafted":[166],"adver-sarial":[167],"trick":[170],"most":[171,182],"participants":[172],"(even":[173],"IT":[174],"experts),":[175],"albeit":[176],"others":[177],"easily":[179],"recognized":[180],"users.":[183],"Our":[184],"study":[185],"relevant":[187],"for":[188],"practitioners,":[189],"since":[190],"it":[191],"allows":[192],"prioritizing":[193],"simultaneously":[197],"fool":[198],"(i)":[199],"machines":[200],"(ii)":[202],"humans-i.e.,":[203],"intended":[205],"targets.":[206]},"counts_by_year":[{"year":2025,"cited_by_count":2},{"year":2024,"cited_by_count":1}],"updated_date":"2026-06-11T09:08:48.828518","created_date":"2025-10-10T00:00:00"}