{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,4,13]],"date-time":"2026-04-13T17:41:05Z","timestamp":1776102065852,"version":"3.50.1"},"publisher-location":"Cham","reference-count":25,"publisher":"Springer International Publishing","isbn-type":[{"value":"9783030954833","type":"print"},{"value":"9783030954840","type":"electronic"}],"license":[{"start":{"date-parts":[[2022,1,1]],"date-time":"2022-01-01T00:00:00Z","timestamp":1640995200000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0"},{"start":{"date-parts":[[2022,2,8]],"date-time":"2022-02-08T00:00:00Z","timestamp":1644278400000},"content-version":"vor","delay-in-days":38,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2022]]},"abstract":"<jats:title>Abstract<\/jats:title><jats:p>Phishing over email continues to be a significant threat, as such messages still end up in users\u2019 inboxes. Several studies showed that users rarely check the URL in the statusbar before clicking a link and that they have difficulties reading URLs. To support users, we propose SMILE (Smart eMaIl Link domain Extractor), a novel approach that provides the relevant information to distinguish between legitimate and phishing emails checking the links in them. Once applied, SMILE modifies all links in an email to contain the domain and top-level-domain of the URL behind them, e.g., \u201c<jats:underline>Click here<\/jats:underline>\u201d in an legitimate Amazon email is modified to \u201cClick here [<jats:underline>amazon.com<\/jats:underline>]\u201d.<\/jats:p>","DOI":"10.1007\/978-3-030-95484-0_23","type":"book-chapter","created":{"date-parts":[[2022,2,7]],"date-time":"2022-02-07T10:05:46Z","timestamp":1644228346000},"page":"403-412","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":6,"title":["SMILE - Smart eMaIl Link Domain Extractor"],"prefix":"10.1007","author":[{"given":"Mattia","family":"Mossano","sequence":"first","affiliation":[]},{"given":"Benjamin","family":"Berens","sequence":"additional","affiliation":[]},{"given":"Philip","family":"Heller","sequence":"additional","affiliation":[]},{"given":"Christopher","family":"Beckmann","sequence":"additional","affiliation":[]},{"given":"Lukas","family":"Aldag","sequence":"additional","affiliation":[]},{"given":"Peter","family":"Mayer","sequence":"additional","affiliation":[]},{"given":"Melanie","family":"Volkamer","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2022,2,8]]},"reference":[{"key":"23_CR1","doi-asserted-by":"publisher","unstructured":"Afroz, S., Greenstadt, R.: PhishZoo: detecting phishing websites by looking at them. In: International Conference on Semantic Computing, pp. 368\u2013375 (2011). https:\/\/doi.org\/10.1109\/ICSC.2011.52","DOI":"10.1109\/ICSC.2011.52"},{"key":"23_CR2","doi-asserted-by":"publisher","unstructured":"Al-Janabi, M., de Quincey, E., Andras, P.: Using supervised machine learning algorithms to detect suspicious URLs in online social networks. In: International Conference on Advances in Social Networks Analysis and Mining, pp. 1104\u20131111 (2017). https:\/\/doi.org\/10.1145\/3110025.3116201","DOI":"10.1145\/3110025.3116201"},{"key":"23_CR3","doi-asserted-by":"publisher","unstructured":"Albakry, S., Vaniea, K., Wolters, M.K.: What is this URL\u2019s destination? Empirical evaluation of users\u2019 URL reading. In: Conference on Human Factors in Computing Systems (CHI), pp. 1\u201312 (2020). https:\/\/doi.org\/10.1145\/3313831.3376168","DOI":"10.1145\/3313831.3376168"},{"key":"23_CR4","unstructured":"Ali, M., Nelson, J., Shea, R., Freedman, M.J.: Blockstack: a global naming and storage system secured by blockchains. In: USENIX Annual Technical Conference (USENIX ATC), pp. 181\u2013194 (2016). https:\/\/www.usenix.org\/conference\/atc16\/technical-sessions\/presentation\/ali"},{"key":"23_CR5","unstructured":"Althobaiti, K., Vaniea, K., Zheng, S.: Faheem: explaining URLs to people using a Slack bot. In: Symposium on Digital Behaviour Intervention for Cyber Security, pp. 1\u20138 (2018). https:\/\/vaniea.com\/papers\/aisb2018.pdf"},{"key":"23_CR6","doi-asserted-by":"crossref","unstructured":"APWG: Phishing activity trends report, 4th quarter 2020 (2021). https:\/\/docs.apwg.org\/reports\/apwg_trends_report_q4_2020.pdf","DOI":"10.1016\/S1361-3723(19)30025-9"},{"key":"23_CR7","doi-asserted-by":"publisher","unstructured":"Bin, S., Qiaoyan, W., Xiaoying, L.: A DNS based anti-phishing approach. In: 2010 Second International Conference on Networks Security, Wireless Communications and Trusted Computing, pp. 262\u2013265 (2010). https:\/\/doi.org\/10.1109\/NSWCTC.2010.196","DOI":"10.1109\/NSWCTC.2010.196"},{"key":"23_CR8","doi-asserted-by":"publisher","first-page":"16","DOI":"10.1016\/j.cose.2015.07.006","volume":"54","author":"KL Chiew","year":"2015","unstructured":"Chiew, K.L., Chang, E.H., Sze, S.N., Tiong, W.K.: Utilisation of website logo for phishing detection. Comput. Secur. 54, 16\u201326 (2015). https:\/\/doi.org\/10.1016\/j.cose.2015.07.006","journal-title":"Comput. Secur."},{"issue":"1","key":"23_CR9","doi-asserted-by":"publisher","first-page":"109","DOI":"10.1515\/popets-2018-0006","volume":"2018","author":"S Englehardt","year":"2018","unstructured":"Englehardt, S., Han, J., Narayanan, A.: I never signed up for this! Privacy implications of email tracking. Proc. Priv. Enhancing Technol. 2018(1), 109\u2013126 (2018)","journal-title":"Proc. Priv. Enhancing Technol."},{"key":"23_CR10","doi-asserted-by":"publisher","unstructured":"Gastellier-Prevost, S., Gonzalez Granadillo, G., Laurent, M.: A dual approach to detect pharming attacks at the client-side. In: 4th IFIP International Conference on New Technologies, Mobility and Security, pp. 1\u20135 (2011). https:\/\/doi.org\/10.1109\/NTMS.2011.5721063","DOI":"10.1109\/NTMS.2011.5721063"},{"key":"23_CR11","unstructured":"Google: Internationalized Domain Names (IDN) in Google Chrome (2021). https:\/\/chromium.googlesource.com\/chromium\/src\/+\/refs\/heads\/main\/docs\/idn.md"},{"key":"23_CR12","doi-asserted-by":"publisher","unstructured":"Hajgude, J., Ragha, L.: Phish mail guard: phishing mail detection technique by using textual and URL analysis. In: 2012 World Congress on Information and Communication Technologies, pp. 297\u2013302 (2012). https:\/\/doi.org\/10.1109\/WICT.2012.6409092","DOI":"10.1109\/WICT.2012.6409092"},{"key":"23_CR13","unstructured":"Hill, R.: Public suffix list (2020). https:\/\/github.com\/gorhill\/publicsuffixlist.js"},{"key":"23_CR14","unstructured":"Lastdrager, E., Gallardo, I.C., Hartel, P., Junger, M.: How effective is anti-phishing training for children? In: Thirteenth Symposium on Usable Privacy and Security (SOUPS), pp. 229\u2013239 (2017). https:\/\/www.usenix.org\/conference\/soups2017\/technical-sessions\/presentation\/lastdrager"},{"key":"23_CR15","unstructured":"Litimus Email Analytics: Email client market share (2021). https:\/\/emailclientmarketshare.com\/"},{"key":"23_CR16","doi-asserted-by":"publisher","first-page":"1717","DOI":"10.1109\/TC.2017.2703808","volume":"66","author":"S Marchal","year":"2017","unstructured":"Marchal, S., Armano, G., Grondahl, T., Saari, K., Singh, N., Asokan, N.: Off-the-hook: an efficient and usable client-side phishing prevention application. IEEE Trans. Comput. 66, 1717\u20131733 (2017). https:\/\/doi.org\/10.1109\/TC.2017.2703808","journal-title":"IEEE Trans. Comput."},{"key":"23_CR17","unstructured":"Mozilla: Public Suffix List (2020). https:\/\/publicsuffix.org\/"},{"key":"23_CR18","doi-asserted-by":"publisher","unstructured":"Petelka, J., Zou, Y., Schaub, F.: Put your warning where your link is: improving and evaluating email phishing warnings. In: Conference on Human Factors in Computing Systems (CHI), pp. 1\u201315 (2019). https:\/\/doi.org\/10.1145\/3290605.3300748","DOI":"10.1145\/3290605.3300748"},{"key":"23_CR19","unstructured":"Reinheimer, B., et al.: An investigation of phishing awareness and education over time: when and how to best remind users. In: Sixteenth Symposium on Usable Privacy and Security (SOUPS), pp. 259\u2013284 (2020). https:\/\/www.usenix.org\/conference\/soups2020\/presentation\/reinheimer"},{"key":"23_CR20","unstructured":"SecUSo: TORPEDO-Webextension (2021). https:\/\/github.com\/SecUSo\/TORPEDO-Webextension"},{"key":"23_CR21","unstructured":"Valve: Text formatting (2021). https:\/\/steamcommunity.com\/comment\/Recommendation\/formattinghelp"},{"key":"23_CR22","doi-asserted-by":"publisher","first-page":"100","DOI":"10.1016\/j.cose.2017.02.004","volume":"71","author":"M Volkamer","year":"2017","unstructured":"Volkamer, M., Renaud, K., Reinheimer, B., Kunz, A.: User experiences of TORPEDO: TOoltip-poweRed Phishing Email DetectiOn. Comput. Secur. 71, 100\u2013113 (2017). https:\/\/doi.org\/10.1016\/j.cose.2017.02.004","journal-title":"Comput. Secur."},{"key":"23_CR23","doi-asserted-by":"publisher","unstructured":"Wash, R.: How experts detect phishing scam emails. In: Proceedings of the ACM on Human-Computer Interaction, pp. 1\u201328 (2020). https:\/\/doi.org\/10.1145\/3415231","DOI":"10.1145\/3415231"},{"key":"23_CR24","doi-asserted-by":"publisher","unstructured":"Wen, Z.A., Lin, Z., Chen, R., Andersen, E.: What. Hack: engaging anti-phishing training through a role-playing phishing simulation game. In: Conference on Human Factors in Computing Systems (CHI), pp. 1\u201312 (2019). https:\/\/doi.org\/10.1145\/3290605.3300338","DOI":"10.1145\/3290605.3300338"},{"key":"23_CR25","doi-asserted-by":"publisher","unstructured":"Zhou, Y., Zhang, Y., Xiao, J., Wang, Y., Lin, W.: Visual similarity based anti-phishing with the combination of local and global features. In: 13th International Conference on Trust, Security and Privacy in Computing and Communications, pp. 189\u2013196 (2014). https:\/\/doi.org\/10.1109\/TrustCom.2014.28","DOI":"10.1109\/TrustCom.2014.28"}],"container-title":["Lecture Notes in Computer Science","Computer Security. ESORICS 2021 International Workshops"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-030-95484-0_23","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2022,2,7]],"date-time":"2022-02-07T10:11:14Z","timestamp":1644228674000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-030-95484-0_23"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2022]]},"ISBN":["9783030954833","9783030954840"],"references-count":25,"URL":"https:\/\/doi.org\/10.1007\/978-3-030-95484-0_23","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2022]]},"assertion":[{"value":"8 February 2022","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"ESORICS","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"European Symposium on Research in Computer Security","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Darmstadt","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Germany","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2021","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"4 October 2021","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"8 October 2021","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"26","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"esorics2021","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/esorics2021.athene-center.de\/index.php","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Single-blind","order":1,"name":"type","label":"Type","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"EasyChair","order":2,"name":"conference_management_system","label":"Conference Management System","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"351","order":3,"name":"number_of_submissions_sent_for_review","label":"Number of Submissions Sent for Review","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"71","order":4,"name":"number_of_full_papers_accepted","label":"Number of Full Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"0","order":5,"name":"number_of_short_papers_accepted","label":"Number of Short Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"20% - The value is computed by the equation \"Number of Full Papers Accepted \/ Number of Submissions Sent for Review * 100\" and then rounded to a whole number.","order":6,"name":"acceptance_rate_of_full_papers","label":"Acceptance Rate of Full Papers","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"3.07","order":7,"name":"average_number_of_reviews_per_paper","label":"Average Number of Reviews per Paper","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"6.06","order":8,"name":"average_number_of_papers_per_reviewer","label":"Average Number of Papers per Reviewer","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"Yes","order":9,"name":"external_reviewers_involved","label":"External Reviewers Involved","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"The conference was held virtually due to the COVID-19 pandemic.","order":10,"name":"additional_info_on_review_process","label":"Additional Info on Review Process","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}}]}}