Saved in:
Bibliographic Details
Main Authors: Sharevski, Filipo, Loop, Jennifer Vander, Ferguson, Sarah
Format: Preprint
Published: 2024
Subjects:
Online Access:https://arxiv.org/abs/2412.01474
Tags: Add Tag
No Tags, Be the first to tag this record!
_version_ 1866910724370989056
author Sharevski, Filipo
Loop, Jennifer Vander
Ferguson, Sarah
author_facet Sharevski, Filipo
Loop, Jennifer Vander
Ferguson, Sarah
contents This paper reports on a study exploring user experiences with suspicious emails and associated warnings when accessed through virtual reality (VR) headsets in realistic settings. A group of (n=20) Apple Vision Pro and another group of (n=20) Meta Quest 3 users were invited to sort through their own selection of Google mail suspicious emails through the VR headset. We asked them to verbalize the experience relative to how they assess the emails, what cues they use to determine their legitimacy, and what actions they would take for each suspicious email of their choice. We covertly sent a "false positive" suspicious email containing either a URL or an attachment (an email that is assigned a suspicious email warning but, in reality, is a legitimate one) and observed how participants would interact with it. Two participants clicked on the link (Apple Vision Pro), and one participant opened the attachment (Meta Quest 3). Upon close inspection, in all three instances, the participant "fell" for the phish because of the VR headsets' hypersensitive clicking and lack of ergonomic precision during the routine email sorting task. These and the other participants thus offered recommendations for implementing suspicious email warnings in VR environments, considerate of the immersiveness and ergonomics of the headsets' interface.
format Preprint
id arxiv_https___arxiv_org_abs_2412_01474
institution arXiv
publishDate 2024
record_format arxiv
spellingShingle "Oh, sh*t! I actually opened the document!": An Empirical Study of the Experiences with Suspicious Emails in Virtual Reality Headsets
Sharevski, Filipo
Loop, Jennifer Vander
Ferguson, Sarah
Cryptography and Security
This paper reports on a study exploring user experiences with suspicious emails and associated warnings when accessed through virtual reality (VR) headsets in realistic settings. A group of (n=20) Apple Vision Pro and another group of (n=20) Meta Quest 3 users were invited to sort through their own selection of Google mail suspicious emails through the VR headset. We asked them to verbalize the experience relative to how they assess the emails, what cues they use to determine their legitimacy, and what actions they would take for each suspicious email of their choice. We covertly sent a "false positive" suspicious email containing either a URL or an attachment (an email that is assigned a suspicious email warning but, in reality, is a legitimate one) and observed how participants would interact with it. Two participants clicked on the link (Apple Vision Pro), and one participant opened the attachment (Meta Quest 3). Upon close inspection, in all three instances, the participant "fell" for the phish because of the VR headsets' hypersensitive clicking and lack of ergonomic precision during the routine email sorting task. These and the other participants thus offered recommendations for implementing suspicious email warnings in VR environments, considerate of the immersiveness and ergonomics of the headsets' interface.
title "Oh, sh*t! I actually opened the document!": An Empirical Study of the Experiences with Suspicious Emails in Virtual Reality Headsets
topic Cryptography and Security
url https://arxiv.org/abs/2412.01474