Users More Aware of Browser Security Warnings, Study Finds
Internet users pay more attention to browser security warnings because they are better designed than before, a study by the Berkeley University of California shows. Among the warnings lately redesigned are toolbars that alert of phishing attacks, now replaced with full-page warnings.
The paper, titled “Alice in Warningland: A Large-Scale Field Study of Browser Security Warning Effectiveness,” looks at how users react to warnings displayed by Mozilla’s Firefox and Google’s Chrome browsers, which alert them of phishing attempts, malware attacks and invalid Secure Sockets Layer (SSL) certificates.
“We ﬁnd that browser security warnings can be successful: users clicked through fewer than a quarter of both browser’s malware and phishing warnings and a third of Mozilla Firefox’s SSL warnings,” researchers said.
“We also ﬁnd clickthrough rates as high as 70.2% for Google Chrome SSL warnings, indicating that the user experience of a warning can have a tremendous impact on user behavior.”
Researchers collected data on more than 25 million warning impressions and revealed that technical users bypassed security alerts more often.
“Technically advanced users might feel more confident in the security of their computers, be more curious about blocked websites or feel patronized by warnings,” the paper said.
So far, studies published between 2002 and 2009 showed most users took no heed of browsers’ security warnings.