Abstract
When people receive malicious emails that claim to be from a
trusted entity like their bank, they can be frightened and uncertain about how safe it is to ignore or delete the message. The
uncertainty is hard on users and it may lead them to engage
in unsafe actions like clicking on links “just to check.” In this
work we look at how to provide quick and accurate support
to people who report phishing so that they can confidentially
take appropriate action. For this, we will build a phishingadvice tool, PhishEd, that allows people to report malicious
emails that they encounter and get automatically generated
advice in response that is contextual to the suspicious email.
The advice is meant to both help them make an informed
decision about the reported email as well as provide some
education to help them in handling future malicious emails
better.
