Notifying users about a system's data practices is supposed to enable users to make
informed privacy decisions. Yet, current notice and choice mechanisms, such as privacy …

Privacy notice and choice are essential aspects of privacy and data protection regulation
worldwide. Yet, today's privacy notices and controls are surprisingly ineffective at informing …

It is important for organisations to ensure that their privacy policies are General Data
Protection Regulation (GDPR) compliant, and this has to be done by the May 2018 deadline …

Web browser warnings should help protect people from malware, phishing, and network
attacks. Adhering to warnings keeps people safer online. Recent improvements in warning …

Research in the fields of information systems and human-computer interaction has shown
that habituation—decreased response to repeated stimulation—is a serious threat to the …

Security warning is a form of computer dialog communication that is used to inform the users
on the risks of allowing random applications to run on a computer system. Accordingly, it is …

This paper examines online users' perceived susceptibility to phishing attacks. We posit that
an individual's phishing susceptibility may be shaped by recent phishing encounters and …

Spear phishing has been a persistent threat to users and organizations, and yet email
providers still face key challenges to authenticate incoming emails. As a result, attackers can …

Warning messages are fundamental to users' security interactions. Unfortunately, they are
largely ineffective, as shown by prior research. A key contributor to this failure is habituation …

Recent years have seen growing organizational adoption of two-factor authentication as
organizations seek to limit the damage caused by password breaches. However, research …