{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,1,14]],"date-time":"2026-01-14T20:42:14Z","timestamp":1768423334579,"version":"3.49.0"},"publisher-location":"New York, NY, USA","reference-count":53,"publisher":"ACM","license":[{"start":{"date-parts":[[2024,9,30]],"date-time":"2024-09-30T00:00:00Z","timestamp":1727654400000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"funder":[{"DOI":"10.13039\/100000006","name":"Office of Naval Research","doi-asserted-by":"publisher","award":["N00014-23-1-2563"],"award-info":[{"award-number":["N00014-23-1-2563"]}],"id":[{"id":"10.13039\/100000006","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/100000001","name":"NSF (National Science Foundation)","doi-asserted-by":"publisher","award":["CNS-2419829"],"award-info":[{"award-number":["CNS-2419829"]}],"id":[{"id":"10.13039\/100000001","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/100000001","name":"NSF (National Science Foundation)","doi-asserted-by":"publisher","award":["DGE-1663651"],"award-info":[{"award-number":["DGE-1663651"]}],"id":[{"id":"10.13039\/100000001","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/100000001","name":"NSF (National Science Foundation)","doi-asserted-by":"publisher","award":["CNS-1942610"],"award-info":[{"award-number":["CNS-1942610"]}],"id":[{"id":"10.13039\/100000001","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/100000001","name":"NSF (National Science Foundation)","doi-asserted-by":"publisher","award":["CICI 2232911"],"award-info":[{"award-number":["CICI 2232911"]}],"id":[{"id":"10.13039\/100000001","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/100000001","name":"NSF (National Science Foundation)","doi-asserted-by":"publisher","award":["CNS-2127232"],"award-info":[{"award-number":["CNS-2127232"]}],"id":[{"id":"10.13039\/100000001","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/100000001","name":"NSF (National Science Foundation)","doi-asserted-by":"publisher","award":["CNS-2346845"],"award-info":[{"award-number":["CNS-2346845"]}],"id":[{"id":"10.13039\/100000001","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2024,9,30]]},"DOI":"10.1145\/3678890.3678926","type":"proceedings-article","created":{"date-parts":[[2024,9,29]],"date-time":"2024-09-29T22:23:36Z","timestamp":1727648616000},"page":"49-64","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":5,"title":["From Victims to Defenders: An Exploration of the Phishing Attack Reporting Ecosystem"],"prefix":"10.1145","author":[{"ORCID":"https:\/\/orcid.org\/0000-0001-6116-8737","authenticated-orcid":false,"given":"Zhibo","family":"Sun","sequence":"first","affiliation":[{"name":"Drexel University, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0009-0000-0883-6652","authenticated-orcid":false,"given":"Faris Bugra","family":"Kokulu","sequence":"additional","affiliation":[{"name":"Arizona State University, United States of America"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-4770-7615","authenticated-orcid":false,"given":"Penghui","family":"Zhang","sequence":"additional","affiliation":[{"name":"Arizona State University, United States of America"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-4313-3714","authenticated-orcid":false,"given":"Adam","family":"Oest","sequence":"additional","affiliation":[{"name":"Arizona State University, United States of America"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-6162-578X","authenticated-orcid":false,"given":"Gianluca","family":"Stringhini","sequence":"additional","affiliation":[{"name":"Boston University, United States of America"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-6424-0001","authenticated-orcid":false,"given":"Tiffany","family":"Bao","sequence":"additional","affiliation":[{"name":"Arizona State University, United States of America"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-1524-2566","authenticated-orcid":false,"given":"Ruoyu","family":"Wang","sequence":"additional","affiliation":[{"name":"Arizona State University, United States of America"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-8832-1789","authenticated-orcid":false,"given":"Yan","family":"Shoshitaishvili","sequence":"additional","affiliation":[{"name":"Arizona State University, United States of America"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-2634-3901","authenticated-orcid":false,"given":"Adam","family":"Doup\u00e9","sequence":"additional","affiliation":[{"name":"Arizona State University, United States of America"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-4271-1666","authenticated-orcid":false,"given":"Gail-Joon","family":"Ahn","sequence":"additional","affiliation":[{"name":"Arizona State University, United States of America"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"320","published-online":{"date-parts":[[2024,9,30]]},"reference":[{"key":"e_1_3_2_1_1_1","unstructured":"2021. Browser Market Share. https:\/\/netmarketshare.com\/browser-market-share.aspx"},{"key":"e_1_3_2_1_2_1","unstructured":"Greg Aaron Lyman Chapin David Piscitello and Colin Strutt. 2020. Phishing Landscape 2020: A Study of the Scope and Distribution of Phishing. (2020)."},{"key":"e_1_3_2_1_3_1","doi-asserted-by":"publisher","DOI":"10.4236\/jis.2018.94018"},{"key":"e_1_3_2_1_4_1","volume-title":"Proceedings of the USENIX Security Symposium (USENIX).","author":"Acharya Bhupendra","year":"2021","unstructured":"Bhupendra Acharya and Phani Vadrevu. 2021. PhishPrint: Evading Phishing Detection Crawlers by Prior Profiling. In Proceedings of the USENIX Security Symposium (USENIX)."},{"key":"e_1_3_2_1_5_1","volume-title":"Proceedings of the IEEE International Conference on Information Society (i-Society).","author":"Asanka\u00a0Gamagedara Arachchilage Nalin","year":"2011","unstructured":"Nalin Asanka\u00a0Gamagedara Arachchilage and Melissa Cole. 2011. Design a Mobile Game for Home Computer Users to Prevent from \"Phishing Attacks\". In Proceedings of the IEEE International Conference on Information Society (i-Society)."},{"key":"e_1_3_2_1_6_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.chb.2012.12.018"},{"key":"e_1_3_2_1_7_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.chb.2014.05.046"},{"key":"e_1_3_2_1_8_1","volume-title":"Proceedings of the USENIX Security Symposium (USENIX).","author":"Bijmans Hugo","year":"2021","unstructured":"Hugo Bijmans, Tim Booij, Anneke Schwedersky, Aria Nedgabat, and Rolf van Wegberg. 2021. Catching Phishers By Their Bait: Investigating the Dutch Phishing Landscape through Phishing Kit Detection. In Proceedings of the USENIX Security Symposium (USENIX)."},{"key":"e_1_3_2_1_9_1","volume-title":"Amazon\u2019s Mechanical Turk: A new source of inexpensive, yet high-quality data?Perspectives on Psychological Science 6, 1","author":"Buhrmester Michael","year":"2011","unstructured":"Michael Buhrmester, Tracy Kwang, and Samuel\u00a0D Gosling. 2011. Amazon\u2019s Mechanical Turk: A new source of inexpensive, yet high-quality data?Perspectives on Psychological Science 6, 1 (2011), 3\u20135."},{"key":"e_1_3_2_1_10_1","doi-asserted-by":"publisher","DOI":"10.1109\/BigData.2017.8258485"},{"key":"e_1_3_2_1_11_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.im.2020.103394"},{"key":"e_1_3_2_1_12_1","volume-title":"Proceedings of the Symposium on Network and Distributed System Security (NDSS).","author":"Cranor Lorrie\u00a0Faith","year":"2007","unstructured":"Lorrie\u00a0Faith Cranor, Serge Egelman, Jason\u00a0I Hong, and Yue Zhang. 2007. Phinding Phish: An Evaluation of Anti-Phishing Toolbars. In Proceedings of the Symposium on Network and Distributed System Security (NDSS)."},{"key":"e_1_3_2_1_13_1","unstructured":"FBI. 2023. 2022 Internet Crime Report. https:\/\/www.ic3.gov\/Media\/PDF\/AnnualReport\/2022_IC3Report.pdf"},{"key":"e_1_3_2_1_14_1","unstructured":"Federal Trade Commission. 2024. Phishing. https:\/\/www.ftc.gov\/business-guidance\/small-businesses\/cybersecurity\/phishing"},{"key":"e_1_3_2_1_15_1","doi-asserted-by":"publisher","DOI":"10.1145\/3290607.3312846"},{"key":"e_1_3_2_1_16_1","volume-title":"A data-driven analysis of workers","author":"Hara Kotaro","unstructured":"Kotaro Hara, Abigail Adams, Kristy Milland, Saiph Savage, Chris Callison-Burch, and Jeffrey\u00a0P Bigham. 2018. A data-driven analysis of workers\u2019 earnings on Amazon Mechanical Turk. In chi."},{"key":"e_1_3_2_1_17_1","doi-asserted-by":"publisher","DOI":"10.1080\/19312450709336664"},{"key":"e_1_3_2_1_18_1","doi-asserted-by":"publisher","DOI":"10.1145\/2063176.2063197"},{"key":"e_1_3_2_1_19_1","unstructured":"IBM. 2021. Email Security \u2013 Defanging URLs. https:\/\/www.ibm.com\/docs\/en\/rsoa-and-rp\/32.0?topic=SSBRUQ_32.0.0\/com.ibm.resilient.doc\/install\/resilient_install_defangURLs.htm"},{"key":"e_1_3_2_1_20_1","first-page":"1","article-title":"The Human Factor in Phishing","volume":"7","author":"Jakobsson Markus","year":"2007","unstructured":"Markus Jakobsson. 2007. The Human Factor in Phishing. Privacy & Security of Consumer Information 7, 1 (2007), 1\u201319.","journal-title":"Privacy & Security of Consumer Information"},{"key":"e_1_3_2_1_21_1","doi-asserted-by":"publisher","DOI":"10.1108\/ICS-07-2020-0113"},{"key":"e_1_3_2_1_22_1","unstructured":"Tom\u00a0Huddleston Jr.2019. How this scammer used phishing emails to steal over $100 million from Google and Facebook. https:\/\/www.cnbc.com\/2019\/03\/27\/phishing-email-scam-stole-100-million-from-facebook-and-google.html"},{"key":"e_1_3_2_1_23_1","doi-asserted-by":"publisher","DOI":"10.1145\/1357054.1357127"},{"key":"e_1_3_2_1_24_1","doi-asserted-by":"publisher","DOI":"10.1145\/3319535.3354239"},{"key":"e_1_3_2_1_25_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.jisa.2014.09.005"},{"key":"e_1_3_2_1_26_1","doi-asserted-by":"publisher","DOI":"10.1145\/1572532.1572536"},{"key":"e_1_3_2_1_27_1","volume-title":"Why do users not report spear phishing emails?Telematics and Informatics 48","author":"Kwak Youngsun","year":"2020","unstructured":"Youngsun Kwak, Seyoung Lee, Amanda Damiano, and Arun Vishwanath. 2020. Why do users not report spear phishing emails?Telematics and Informatics 48 (2020), 101\u2013343."},{"key":"e_1_3_2_1_28_1","unstructured":"Wired Magazine. [n. d.]. Researchers Uncover RSA Phishing Attack Hiding in Plain Sight. https:\/\/www.wired.com\/2011\/08\/how-rsa-got-hacked\/"},{"key":"e_1_3_2_1_29_1","volume-title":"Proceedings of the USENIX Security Symposium (USENIX).","author":"Melicher William","year":"2016","unstructured":"William Melicher, Blase Ur, Sean\u00a0M Segreti, Saranga Komanduri, Lujo Bauer, Nicolas Christin, and Lorrie\u00a0Faith Cranor. 2016. Fast, lean, and accurate: Modeling password guessability using neural networks. In Proceedings of the USENIX Security Symposium (USENIX)."},{"key":"e_1_3_2_1_30_1","first-page":"5","article-title":"Enhancing Cybersecurity Awareness Training: A Comprehensive Phishing Exercise Approach","volume":"14","author":"Miranda MJ","year":"2018","unstructured":"MJ Miranda. 2018. Enhancing Cybersecurity Awareness Training: A Comprehensive Phishing Exercise Approach. International Management Review 14, 2 (2018), 5\u201310.","journal-title":"International Management Review"},{"key":"e_1_3_2_1_31_1","doi-asserted-by":"publisher","DOI":"10.1145\/2810103.2813660"},{"key":"e_1_3_2_1_32_1","unstructured":"CBS News. [n. d.]. The phishing email that hacked the account of John Podesta. https:\/\/www.cbsnews.com\/news\/the-phishing-email-that-hacked-the-account-of-john-podesta\/"},{"key":"e_1_3_2_1_33_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2019.00049"},{"key":"e_1_3_2_1_34_1","volume-title":"Proceedings of the USENIX Security Symposium (USENIX).","author":"Oest Adam","year":"2020","unstructured":"Adam Oest, Yenganeh Safaei, Penghui Zhang, Brad Wardman, Kevin Tyers, Yan Shoshitaishvili, Adam Doup\u00e9, and Gail-Joon Ahn. 2020. PhishTime: Continuous Longitudinal Measurement of the Effectiveness of Anti-phishing Blacklists. In Proceedings of the USENIX Security Symposium (USENIX)."},{"key":"e_1_3_2_1_35_1","volume-title":"Proceedings of the USENIX Security Symposium (USENIX).","author":"Oest Adam","year":"2020","unstructured":"Adam Oest, Penghui Zhang, Brad Wardman, Eric Nunes, Jakub Burgis, Ali Zand, Kurt Thomas, Adam Doup\u00e9, and Gail-Joon Ahn. 2020. Sunrise to Sunset: Analyzing the End-to-end Life Cycle and Effectiveness of Phishing Attacks at Scale. In Proceedings of the USENIX Security Symposium (USENIX)."},{"key":"e_1_3_2_1_36_1","doi-asserted-by":"publisher","DOI":"10.1145\/3290605.3300748"},{"key":"e_1_3_2_1_38_1","volume-title":"Proceedings of the USENIX Security Symposium (USENIX).","author":"Plane C","year":"2017","unstructured":"Angelisa\u00a0C Plane, Elissa\u00a0M Redmiles, Michelle\u00a0L Mazurek, and Michael\u00a0Carl Tschantz. 2017. Exploring user perceptions of discrimination in online targeted advertising. In Proceedings of the USENIX Security Symposium (USENIX)."},{"key":"e_1_3_2_1_40_1","volume-title":"Proceedings of the IEEE Symposium on Security and Privacy.","author":"Schecter Stuart","year":"2007","unstructured":"Stuart Schecter, Rachna Dhamija, Andy Ozment, and Ian Fischer. 2007. The Emperor\u2019s New Security Indicators: An evaluation of website authentication and the effect of role playing on usability studies. In Proceedings of the IEEE Symposium on Security and Privacy."},{"key":"e_1_3_2_1_41_1","volume-title":"Phishing: An Evolving Threat. International Journal of Students","author":"Shah Keyur","year":"2015","unstructured":"Keyur Shah, Tanushree Shenvi, Karan Desai, Reshad Asrani, and Varun Jain. 2015. Phishing: An Evolving Threat. International Journal of Students\u2019 Research in Technology & Management 3, 1 (2015), 216\u2013222."},{"key":"e_1_3_2_1_42_1","doi-asserted-by":"publisher","DOI":"10.4236\/jis.2015.63021"},{"key":"e_1_3_2_1_43_1","volume-title":"Proceedings of the USENIX Security Symposium (USENIX).","author":"Sun Zhibo","year":"2021","unstructured":"Zhibo Sun, Adam Oest, Penghui Zhang, Carlos\u00a0E Rubio-Medrano, Tiffany Bao, Ruoyu Wang, Ziming Zhao, Yan Shoshitaishvili, Adam Doup\u00e9, and Gail-Joon Ahn. 2021. Having Your Cake and Eating It: An Analysis of Concession-Abuse-as-a-Service. In Proceedings of the USENIX Security Symposium (USENIX)."},{"key":"e_1_3_2_1_44_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2016.27"},{"key":"e_1_3_2_1_45_1","volume-title":"Proceedings of the USENIX Security Symposium (USENIX).","author":"Tu Huahong","year":"2019","unstructured":"Huahong Tu, Adam Doup\u00e9, Ziming Zhao, and Gail-Joon Ahn. 2019. Users Really Do Answer Telephone Scams. In Proceedings of the USENIX Security Symposium (USENIX)."},{"key":"e_1_3_2_1_46_1","volume-title":"Proceedings of the USENIX Security Symposium (USENIX).","author":"Ulqinaku Enis","year":"2021","unstructured":"Enis Ulqinaku, Hala Assal, AbdelRahman Abdou, Sonia Chiasson, and Srdjan Capkun. 2021. Is Real-time Phishing Eliminated with FIDO? Social Engineering Downgrade Attacks against FIDO Protocols. In Proceedings of the USENIX Security Symposium (USENIX)."},{"key":"e_1_3_2_1_47_1","volume-title":"Retrieved","author":"Cornell University","year":"2018","unstructured":"Cornell University. [n. d.]. NEW SUMMER EMPLOYMENT OFFER FOR STUDENTS BY MCKESSON CORPORATION. Retrieved Aug 10, 2018 from https:\/\/it.cornell.edu\/phish\/6315"},{"key":"e_1_3_2_1_48_1","unstructured":"USPS Office of Inspector General. 2015. Information Security Awareness Training and Phishing. https:\/\/www.uspsoig.gov\/sites\/default\/files\/document-library-files\/2015\/IT-AR-16-001.pdf"},{"key":"e_1_3_2_1_49_1","volume-title":"Proceedings of the ACM SIGCHI Conference on Human Factors in Computing Systems (CHI).","author":"Vaidya Tavish","year":"2019","unstructured":"Tavish Vaidya, Daniel Votipka, Michelle\u00a0L Mazurek, and Micah Sherr. 2019. Does Being Verified Make You More Credible? Account Verification\u2019s Effect on Tweet Credibility. In Proceedings of the ACM SIGCHI Conference on Human Factors in Computing Systems (CHI)."},{"key":"e_1_3_2_1_52_1","volume-title":"Proceedings of the ACM Conference on Computer and Communications Security (CCS).","author":"Weinshel Ben","year":"2019","unstructured":"Ben Weinshel, Miranda Wei, Mainack Mondal, Euirim Choi, Shawn Shan, Claire Dolin, Michelle\u00a0L Mazurek, and Blase Ur. 2019. Oh, the Places You\u2019ve Been! User Reactions to Longitudinal Transparency About Third-Party Web Tracking and Inferencing. In Proceedings of the ACM Conference on Computer and Communications Security (CCS)."},{"key":"e_1_3_2_1_53_1","volume-title":"Proceedings of the ACM SIGCHI Conference on Human Factors in Computing Systems (CHI).","author":"Wen Zikai\u00a0Alex","year":"2019","unstructured":"Zikai\u00a0Alex Wen, Zhiqiu Lin, Rowena Chen, and Erik Andersen. 2019. What. hack: Engaging anti-phishing training through a role-playing phishing simulation game. In Proceedings of the ACM SIGCHI Conference on Human Factors in Computing Systems (CHI)."},{"key":"e_1_3_2_1_54_1","doi-asserted-by":"publisher","DOI":"10.1080\/0144929X.2018.1519599"},{"key":"e_1_3_2_1_55_1","doi-asserted-by":"publisher","DOI":"10.1145\/1124772.1124863"},{"key":"e_1_3_2_1_56_1","first-page":"297","article-title":"Phishing, SMiShing & Vishing: An Assessment of Threats against Mobile Devices","volume":"5","author":"Yeboah-Boateng Ezer\u00a0Osei","year":"2014","unstructured":"Ezer\u00a0Osei Yeboah-Boateng and Priscilla\u00a0Mateko Amanor. 2014. Phishing, SMiShing & Vishing: An Assessment of Threats against Mobile Devices. Journal of Emerging Trends in Computing and Information Sciences 5, 4 (2014), 297\u2013307.","journal-title":"Journal of Emerging Trends in Computing and Information Sciences"},{"key":"e_1_3_2_1_57_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP40001.2021.00021"}],"event":{"name":"RAID '24: The 27th International Symposium on Research in Attacks, Intrusions and Defenses","location":"Padua Italy","acronym":"RAID '24"},"container-title":["The 27th International Symposium on Research in Attacks, Intrusions and Defenses"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3678890.3678926","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/abs\/10.1145\/3678890.3678926","content-type":"text\/html","content-version":"vor","intended-application":"syndication"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3678890.3678926","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,19]],"date-time":"2025-06-19T01:18:00Z","timestamp":1750295880000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3678890.3678926"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2024,9,30]]},"references-count":53,"alternative-id":["10.1145\/3678890.3678926","10.1145\/3678890"],"URL":"https:\/\/doi.org\/10.1145\/3678890.3678926","relation":{},"subject":[],"published":{"date-parts":[[2024,9,30]]},"assertion":[{"value":"2024-09-30","order":3,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}