{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,4,13]],"date-time":"2026-04-13T17:40:43Z","timestamp":1776102043120,"version":"3.50.1"},"publisher-location":"New York, NY, USA","reference-count":60,"publisher":"ACM","license":[{"start":{"date-parts":[[2019,5,2]],"date-time":"2019-05-02T00:00:00Z","timestamp":1556755200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2019,5,2]]},"DOI":"10.1145\/3290605.3300748","type":"proceedings-article","created":{"date-parts":[[2019,4,29]],"date-time":"2019-04-29T17:36:58Z","timestamp":1556559418000},"page":"1-15","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":70,"title":["Put Your Warning Where Your Link Is"],"prefix":"10.1145","author":[{"given":"Justin","family":"Petelka","sequence":"first","affiliation":[{"name":"University of Washington, Seattle, WA, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Yixin","family":"Zou","sequence":"additional","affiliation":[{"name":"University of Michigan, Ann Arbor, MI, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Florian","family":"Schaub","sequence":"additional","affiliation":[{"name":"University of Michigan, Ann Arbor, MI, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"320","published-online":{"date-parts":[[2019,5,2]]},"reference":[{"key":"e_1_3_2_2_1_1","doi-asserted-by":"publisher","DOI":"10.1145\/3054926"},{"key":"e_1_3_2_2_2_1","volume-title":"USENIX security symposium","author":"Akhawe Devdatta","unstructured":"Devdatta Akhawe and Adrienne Porter Felt . 2013. Alice in Warningland: A Large-Scale Field Study of Browser Security Warning Effectiveness .. In USENIX security symposium , Vol. 13 . Devdatta Akhawe and Adrienne Porter Felt. 2013. Alice in Warningland: A Large-Scale Field Study of Browser Security Warning Effectiveness.. In USENIX security symposium, Vol. 13."},{"key":"e_1_3_2_2_3_1","doi-asserted-by":"publisher","DOI":"10.1145\/2702123.2702210"},{"key":"e_1_3_2_2_4_1","doi-asserted-by":"publisher","DOI":"10.1145\/2702123.2702322"},{"key":"e_1_3_2_2_7_1","volume-title":"Carnegie Mellon University Warning Design Guidelines","author":"Bauer Lujo","unstructured":"Lujo Bauer , Cristian Bravo-Lillo , Lorrie Cranor , and Elli Fragkaki . 2013. Carnegie Mellon University Warning Design Guidelines . Technical Report Carnegie Mellon University-CyLab-13002. Carnegie Mellon University . Lujo Bauer, Cristian Bravo-Lillo, Lorrie Cranor, and Elli Fragkaki. 2013. Carnegie Mellon University Warning Design Guidelines. Technical Report Carnegie Mellon University-CyLab-13002. Carnegie Mellon University."},{"key":"e_1_3_2_2_8_1","doi-asserted-by":"publisher","DOI":"10.5555\/1734234.1734239"},{"key":"e_1_3_2_2_9_1","unstructured":"Cristian Bravo-Lillo. 2014. Improving Computer Security Dialogs: An Exploration of Attention and Habituation.  Cristian Bravo-Lillo. 2014. Improving Computer Security Dialogs: An Exploration of Attention and Habituation."},{"key":"e_1_3_2_2_10_1","volume-title":"10th Symposium On Usable Privacy and Security (SOUPS 2014). USENIX Association, Menlo Park, CA, 105--111. https:\/\/www.usenix.org\/conference\/soups2014\/ proceedings\/presentation\/bravo-lillo","author":"Bravo-Lillo Cristian","year":"2014","unstructured":"Cristian Bravo-Lillo , Lorrie Cranor , Saranga Komanduri , Stuart Schechter , and Manya Sleeper . 2014 . Harder to Ignore? Revisiting Pop-Up Fatigue and Approaches to Prevent It . In 10th Symposium On Usable Privacy and Security (SOUPS 2014). USENIX Association, Menlo Park, CA, 105--111. https:\/\/www.usenix.org\/conference\/soups2014\/ proceedings\/presentation\/bravo-lillo Cristian Bravo-Lillo, Lorrie Cranor, Saranga Komanduri, Stuart Schechter, and Manya Sleeper. 2014. Harder to Ignore? Revisiting Pop-Up Fatigue and Approaches to Prevent It. In 10th Symposium On Usable Privacy and Security (SOUPS 2014). USENIX Association, Menlo Park, CA, 105--111. https:\/\/www.usenix.org\/conference\/soups2014\/ proceedings\/presentation\/bravo-lillo"},{"key":"e_1_3_2_2_11_1","doi-asserted-by":"publisher","DOI":"10.1109\/MSP.2010.198"},{"key":"e_1_3_2_2_12_1","doi-asserted-by":"publisher","DOI":"10.1145\/2501604.2501610"},{"key":"e_1_3_2_2_13_1","doi-asserted-by":"publisher","DOI":"10.1145\/1280680.1280691"},{"key":"e_1_3_2_2_14_1","unstructured":"Madhusudhanan Chandrasekaran Krishnan Narayanan and Shambhu Upadhyaya. 2006. Phishing E-Mail Detection Based on Structural Properties. (2006) 7.  Madhusudhanan Chandrasekaran Krishnan Narayanan and Shambhu Upadhyaya. 2006. Phishing E-Mail Detection Based on Structural Properties. (2006) 7."},{"key":"e_1_3_2_2_15_1","first-page":"273","article-title":"Necessary but not sufficient: Standardized mechanisms for privacy notice and choice","author":"Cranor Lorrie Faith","year":"2012","unstructured":"Lorrie Faith Cranor . 2012 . Necessary but not sufficient: Standardized mechanisms for privacy notice and choice . J. on Telecomm. & High Tech. L. 10 (2012), 273 . Lorrie Faith Cranor. 2012. Necessary but not sufficient: Standardized mechanisms for privacy notice and choice. J. on Telecomm. & High Tech. L. 10 (2012), 273.","journal-title":"J. on Telecomm. & High Tech."},{"key":"e_1_3_2_2_16_1","doi-asserted-by":"publisher","DOI":"10.1145\/1124772.1124861"},{"key":"e_1_3_2_2_17_1","doi-asserted-by":"publisher","DOI":"10.1145\/1299015.1299019"},{"key":"e_1_3_2_2_18_1","doi-asserted-by":"publisher","DOI":"10.1145\/1357054.1357219"},{"key":"e_1_3_2_2_19_1","doi-asserted-by":"publisher","DOI":"10.1145\/2702123.2702442"},{"key":"e_1_3_2_2_20_1","doi-asserted-by":"publisher","DOI":"10.1145\/2556288.2557292"},{"key":"e_1_3_2_2_21_1","doi-asserted-by":"publisher","DOI":"10.1145\/1242572.1242660"},{"key":"e_1_3_2_2_22_1","volume-title":"Goes Online, and Replicates.","author":"Firth Kristin","year":"2017","unstructured":"Kristin Firth , David A. Hoffman , and Tess Wilkinson-Ryan . 2017. Law and Psychology Grows Up , Goes Online, and Replicates. ( 2017 ). Kristin Firth, David A. Hoffman, and Tess Wilkinson-Ryan. 2017. Law and Psychology Grows Up, Goes Online, and Replicates. (2017)."},{"key":"e_1_3_2_2_23_1","unstructured":"Gmail Help Forum. 2018. Suspicious link issue! - Google Product Forums. https:\/\/productforums.google.com\/forum\/#!msg\/gmail\/h_ yeYefHFWk\/Fj8o4q3HAQAJ  Gmail Help Forum. 2018. Suspicious link issue! - Google Product Forums. https:\/\/productforums.google.com\/forum\/#!msg\/gmail\/h_ yeYefHFWk\/Fj8o4q3HAQAJ"},{"key":"e_1_3_2_2_24_1","doi-asserted-by":"publisher","DOI":"10.5555\/2755205"},{"key":"e_1_3_2_2_25_1","volume-title":"Global Phishing Survey: Trends and Domain Name Use","author":"Anti Phishing Working Group","year":"2016","unstructured":"Anti Phishing Working Group . 2017. Global Phishing Survey: Trends and Domain Name Use in 2016 . https:\/\/docs.apwg.org\/reports\/APWG_ Global _Phishing_Report_2015--2016.pdf Anti Phishing Working Group. 2017. Global Phishing Survey: Trends and Domain Name Use in 2016. https:\/\/docs.apwg.org\/reports\/APWG_ Global_Phishing_Report_2015--2016.pdf"},{"key":"e_1_3_2_2_26_1","doi-asserted-by":"publisher","DOI":"10.1145\/2556288.2556978"},{"key":"e_1_3_2_2_27_1","doi-asserted-by":"publisher","DOI":"10.1145\/2063176.2063197"},{"key":"e_1_3_2_2_28_1","volume-title":"Email Statistics Report","author":"The Radicati Group Inc. 2017.","year":"2017","unstructured":"The Radicati Group Inc. 2017. Email Statistics Report , 2017 2021. http:\/\/www.radicati.com\/wp\/wp-content\/uploads\/2017\/01\/ Email-Statistics-Report- 2017--2021-Executive-Summary.pdf The Radicati Group Inc. 2017. Email Statistics Report, 20172021. http:\/\/www.radicati.com\/wp\/wp-content\/uploads\/2017\/01\/ Email-Statistics-Report-2017--2021-Executive-Summary.pdf"},{"key":"e_1_3_2_2_29_1","doi-asserted-by":"publisher","DOI":"10.1145\/1572532.1572538"},{"key":"e_1_3_2_2_30_1","doi-asserted-by":"publisher","DOI":"10.1177\/154193120905302015"},{"key":"e_1_3_2_2_31_1","doi-asserted-by":"publisher","DOI":"10.1145\/1572532.1572536"},{"key":"e_1_3_2_2_32_1","doi-asserted-by":"publisher","DOI":"10.1145\/1754393.1754396"},{"key":"e_1_3_2_2_33_1","unstructured":"Phish Labs. 2017. 2017 Phishing and Threat Intelligence Report. https: \/\/pages.phishlabs.com\/rs\/130-BFB-942\/images\/2017%20PhishLabs% 20Phishing%20and%20Threat%20Intelligence%20Report.pdf  Phish Labs. 2017. 2017 Phishing and Threat Intelligence Report. https: \/\/pages.phishlabs.com\/rs\/130-BFB-942\/images\/2017%20PhishLabs% 20Phishing%20and%20Threat%20Intelligence%20Report.pdf"},{"key":"e_1_3_2_2_34_1","volume-title":"Symposium on Usable Privacy and Security (SOUPS).","author":"Lastdrager Elmer","year":"2017","unstructured":"Elmer Lastdrager , In\u00e9s Carvajal Gallardo , Pieter Hartel , and Marianne Junger . 2017 . How Effective is Anti-Phishing Training for Children? . In Symposium on Usable Privacy and Security (SOUPS). Elmer Lastdrager, In\u00e9s Carvajal Gallardo, Pieter Hartel, and Marianne Junger. 2017. How Effective is Anti-Phishing Training for Children?. In Symposium on Usable Privacy and Security (SOUPS)."},{"key":"e_1_3_2_2_35_1","volume-title":"Jinjuan Heidi Feng, and Harry Hochheiser","author":"Lazar Jonathan","year":"2017","unstructured":"Jonathan Lazar , Jinjuan Heidi Feng, and Harry Hochheiser . 2017 . Research methods in human-computer interaction. Morgan Kaufmann . Jonathan Lazar, Jinjuan Heidi Feng, and Harry Hochheiser. 2017. Research methods in human-computer interaction. Morgan Kaufmann."},{"key":"e_1_3_2_2_36_1","doi-asserted-by":"publisher","DOI":"10.1145\/1978942.1979244"},{"key":"e_1_3_2_2_37_1","doi-asserted-by":"publisher","DOI":"10.1145\/2078827.2078838"},{"key":"e_1_3_2_2_38_1","volume-title":"Off-the-Hook: An Efficient and Usable Client-Side Phishing Prevention Application","author":"Marchal Samuel","year":"2017","unstructured":"Samuel Marchal , Giovanni Armano , Tommi Grondahl , Kalle Saari , Nidhi Singh , and N Asokan . 2017. Off-the-Hook: An Efficient and Usable Client-Side Phishing Prevention Application . IEEE Trans. Comput . ( 2017 ). Samuel Marchal, Giovanni Armano, Tommi Grondahl, Kalle Saari, Nidhi Singh, and N Asokan. 2017. Off-the-Hook: An Efficient and Usable Client-Side Phishing Prevention Application. IEEE Trans. Comput. (2017)."},{"key":"e_1_3_2_2_39_1","unstructured":"Samuel Marchal Kalle Saari Nidhi Singh and N. Asokan. 2015. Know Your Phish: Novel Techniques for Detecting Phishing Sites and their Targets. CoRR abs\/1510.06501 (2015). arXiv:1510.06501 http:\/\/arxiv. org.offcampus.lib.washington.edu\/abs\/1510.06501  Samuel Marchal Kalle Saari Nidhi Singh and N. Asokan. 2015. Know Your Phish: Novel Techniques for Detecting Phishing Sites and their Targets. CoRR abs\/1510.06501 (2015). arXiv:1510.06501 http:\/\/arxiv. org.offcampus.lib.washington.edu\/abs\/1510.06501"},{"key":"e_1_3_2_2_40_1","unstructured":"Federal Bureau of Investigation Internet Crime Complaint Center. 2017. 2017 Internet Crime Report. (2017) 29.  Federal Bureau of Investigation Internet Crime Complaint Center. 2017. 2017 Internet Crime Report. (2017) 29."},{"key":"e_1_3_2_2_41_1","unstructured":"Kenneth Olmstead and Aaron Smith. 2017. Pew Research Center. http:\/\/www.pewinternet.org\/2017\/03\/22\/ what-the-public-knows-about-cybersecurity\/  Kenneth Olmstead and Aaron Smith. 2017. Pew Research Center. http:\/\/www.pewinternet.org\/2017\/03\/22\/ what-the-public-knows-about-cybersecurity\/"},{"key":"e_1_3_2_2_42_1","unstructured":"Kenneth Olmstead and Aaron Smith. 2017. Pew Research Center. http: \/\/www.pewinternet.org\/2017\/01\/26\/americans-and-cybersecurity\/  Kenneth Olmstead and Aaron Smith. 2017. Pew Research Center. http: \/\/www.pewinternet.org\/2017\/01\/26\/americans-and-cybersecurity\/"},{"key":"e_1_3_2_2_43_1","doi-asserted-by":"publisher","DOI":"10.1145\/2702123.2702165"},{"key":"e_1_3_2_2_44_1","doi-asserted-by":"publisher","DOI":"10.1145\/2556288.2557121"},{"key":"e_1_3_2_2_46_1","volume-title":"Eleventh Symposium On Usable Privacy and Security (SOUPS","author":"Schaub Florian","year":"2015","unstructured":"Florian Schaub , Rebecca Balebako , Adam L Durity , and Lorrie Faith Cranor . 2015 . A design space for effective privacy notices . In Eleventh Symposium On Usable Privacy and Security (SOUPS 2015). 1--17. Florian Schaub, Rebecca Balebako, Adam L Durity, and Lorrie Faith Cranor. 2015. A design space for effective privacy notices. In Eleventh Symposium On Usable Privacy and Security (SOUPS 2015). 1--17."},{"key":"e_1_3_2_2_47_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2007.35"},{"key":"e_1_3_2_2_48_1","unstructured":"UC Berkeley Information Security and Policy. 2018. Phishing | Information Security and Policy. https:\/\/security.berkeley.edu\/resources\/ phishing  UC Berkeley Information Security and Policy. 2018. Phishing | Information Security and Policy. https:\/\/security.berkeley.edu\/resources\/ phishing"},{"key":"e_1_3_2_2_49_1","doi-asserted-by":"publisher","DOI":"10.1145\/1280680.1280692"},{"key":"e_1_3_2_2_50_1","volume-title":"USENIX Security Symposium. 399--416","author":"Sunshine Joshua","year":"2009","unstructured":"Joshua Sunshine , Serge Egelman , Hazim Almuhimedi , Neha Atri , and Lorrie Faith Cranor . 2009 . Crying Wolf: An Empirical Study of SSL Warning Effectiveness .. In USENIX Security Symposium. 399--416 . Joshua Sunshine, Serge Egelman, Hazim Almuhimedi, Neha Atri, and Lorrie Faith Cranor. 2009. Crying Wolf: An Empirical Study of SSL Warning Effectiveness.. In USENIX Security Symposium. 399--416."},{"key":"e_1_3_2_2_51_1","unstructured":"Symantec. 2018. Internet Security Threat Report.  Symantec. 2018. Internet Security Threat Report."},{"key":"e_1_3_2_2_52_1","doi-asserted-by":"publisher","DOI":"10.1287\/isre.1090.0260"},{"key":"e_1_3_2_2_54_1","doi-asserted-by":"publisher","DOI":"10.1108\/ICS-07-2015-0032"},{"key":"e_1_3_2_2_55_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2017.02.004"},{"key":"e_1_3_2_2_56_1","doi-asserted-by":"publisher","DOI":"10.1145\/1978942.1979456"},{"key":"e_1_3_2_2_57_1","doi-asserted-by":"publisher","DOI":"10.1145\/3173574.3174066"},{"key":"e_1_3_2_2_58_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.future.2009.07.012"},{"key":"e_1_3_2_2_59_1","unstructured":"Colin Whittaker Brian Ryner and Marria Nazif. 2007. Large-Scale Automatic Classification of Phishing Pages. (2007) 14.  Colin Whittaker Brian Ryner and Marria Nazif. 2007. Large-Scale Automatic Classification of Phishing Pages. (2007) 14."},{"key":"e_1_3_2_2_60_1","volume-title":"based guidelines for warning design and evaluation. Applied ergonomics 33, 3","author":"Wogalter Michael S","year":"2002","unstructured":"Michael S Wogalter , Vincent C Conzola , and Tonya L Smith-Jackson . 2002. based guidelines for warning design and evaluation. Applied ergonomics 33, 3 ( 2002 ), 219--230. Michael S Wogalter, Vincent C Conzola, and Tonya L Smith-Jackson. 2002. based guidelines for warning design and evaluation. Applied ergonomics 33, 3 (2002), 219--230."},{"key":"e_1_3_2_2_61_1","volume-title":"IBM X-Force Threat Intelligence Index","author":"Force IBM","year":"2018","unstructured":"IBM X- Force . 2018. IBM X-Force Threat Intelligence Index 2018 . https: \/\/www.ibm.com\/security\/data-breach\/threat-intelligence IBM X-Force. 2018. IBM X-Force Threat Intelligence Index 2018. https: \/\/www.ibm.com\/security\/data-breach\/threat-intelligence"},{"key":"e_1_3_2_2_62_1","doi-asserted-by":"publisher","DOI":"10.1145\/2019599.2019606"},{"key":"e_1_3_2_2_63_1","doi-asserted-by":"publisher","DOI":"10.1145\/2746194.2746208"},{"key":"e_1_3_2_2_64_1","doi-asserted-by":"publisher","DOI":"10.1145\/1242572.1242659"}],"event":{"name":"CHI '19: CHI Conference on Human Factors in Computing Systems","location":"Glasgow Scotland Uk","acronym":"CHI '19","sponsor":["SIGCHI ACM Special Interest Group on Computer-Human Interaction"]},"container-title":["Proceedings of the 2019 CHI Conference on Human Factors in Computing Systems"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3290605.3300748","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3290605.3300748","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,17]],"date-time":"2025-06-17T23:53:28Z","timestamp":1750204408000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3290605.3300748"}},"subtitle":["Improving and Evaluating Email Phishing Warnings"],"short-title":[],"issued":{"date-parts":[[2019,5,2]]},"references-count":60,"alternative-id":["10.1145\/3290605.3300748","10.1145\/3290605"],"URL":"https:\/\/doi.org\/10.1145\/3290605.3300748","relation":{},"subject":[],"published":{"date-parts":[[2019,5,2]]},"assertion":[{"value":"2019-05-02","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}