Understanding and Mitigating SMiShing Vulnerability: Insights from U.S. Surveys and Interviews
Oct 8th 11:30-12:30 WWH 335
Cori Faklaris
Department of Software and Information Systems
UNC Charlotte
Abstract:
As mobile phone usage continues to rise, so do scams targeting these devices. SMiShing, or SMS phishing, involves fraudsters sending phishing links via text messages. Despite its growing prevalence, little is known about who is most vulnerable to these attacks and why. In this talk, we present findings from a large-scale survey of 1,007 U.S. adult mobile phone users and in-depth interviews with 29 participants. The survey reveals that younger individuals and college students are particularly susceptible to SMiShing. Interestingly, participants with higher levels of security training and awareness were less accurate in identifying legitimate messages, suggesting a potential “security expertise bias.” The interviews provide deeper insights into the cues people use to judge SMS legitimacy, such as content, format, and links, and highlight the need for improved user interfaces and reporting mechanisms. Additionally, our work on visual trust indicators shows that intuitive colors, clear symbols, and simple designs significantly enhance users’ ability to identify trustworthy messages. We will discuss the implications of these findings for researchers, regulators, and telecom providers, and propose recommendations for enhancing user education and designing more effective interventions to mitigate SMiShing risks.
Bio
Dr. Cori Faklaris (https://corifaklaris.com) is an assistant professor at UNC Charlotte’s College of Computing and Informatics, where she directs the Security and Privacy Experiences (SPEX) group. Her focus is on understanding people’s needs and designing for safe, secure, and trustworthy computing, including artificial intelligence. In this interdisciplinary work, Faklaris draws on methods from social science, computer science, data science and machine learning, cybersecurity, and design. She also employs skills and knowledge from her past careers in journalism, IT/UX, and social media. Among other accomplishments, she received a 2024 Google Research Scholar award for work to connect people with advice about their security and privacy concerns. Her work is also funded by BasisLabs LLC founder Carl Hoffman, the U.S. Army Research Lab, and the U.S. National Science Foundation.