Restricting the Link: Effects of Focused Attention and Time Delay on Phishing Warning Effectiveness

Abstract - In anti-phishing warning research two forms of hyperlink restrictions have been suggested for reducing phishing click-through rates: focused attention, where a suspicious link is only clickable inside of the warning; and time delay, where link clicking is disabled for a short period of time. Both measures aim to draw user attention to the warning and nudge them to carefully evaluate the respective link’s URL. However, the effectiveness of these measures has so far not been comparatively evaluated. We conducted a mixed-methods online experiment (n=1,320) to understand differences in the effectiveness of focused attention and time delay both independently and together using a instrumented email inbox environment, in which participants were asked to assess emails. We found that both focused attention and time delay were effective at reducing click-through rates independently, with focused attention being more effective than time delay. However, combining both measures was even more effective. We also found that participants who saw a warning with a time delay were more likely to hover over hyperlinks for longer than those who saw a focused attention warning. We discuss our findings’ implications for the design of anti-phishing warnings.

GitHub Repo (Private until public release September 2024)