Internet users pay more attention to browser security warnings because they are better designed than before, a study by the Berkeley University of California shows. Among the warnings lately redesigned are toolbars that alert of phishing attacks, now replaced with full-page warnings.
The paper, titled â€œAlice in Warningland: A Large-Scale Field Study of Browser Security Warning Effectiveness,” looks at how users react to warnings displayed by Mozilla’s Firefox and Google’s Chrome browsers, which alert them of phishing attempts, malware attacks and invalid Secure Sockets Layer (SSL) certificates.
â€œWe ï¬nd that browser security warnings can be successful: users clicked through fewer than a quarter of both browserâ€™s malware and phishing warnings and a third of Mozilla Firefoxâ€™s SSL warnings,â€ researchers said.
â€œWe also ï¬nd clickthrough rates as high as 70.2% for Google Chrome SSL warnings, indicating that the user experience of a warning can have a tremendous impact on user behavior.â€
Researchers collected data on more than 25 million warning impressions and revealed that technical users bypassed security alerts more often.
“Technically advanced users might feel more confident in the security of their computers, be more curious about blocked websites or feel patronized by warnings,” the paper said.
So far, studies published between 2002 and 2009 showed most users took no heed of browsersâ€™ security warnings.