Anti-Phishing Landing Page: Turning a 404 into a Teachable Moment for End Users

This paper describes the design and implementation of the Anti-Phishing Working Group (APWG) anti-phishing landing page, a web page with a succinct anti-phishing training message designed to be displayed in place of a phishing website that has been taken down. The landing page is currently being used by financial institutions, phish site take-down vendors, government organizations and online merchants. When would-be phishing victims try to visit a phishing web site that has been taken down, they are redirected to the landing page, hosted on the APWG website. In this paper, we discuss the iterative user-centered design process we used to develop the landing page content. We present the data we collected from the landing page log files from October 1, 2008 through March 31, 2009, during the first six months of the landing page program. Our analysis suggests that approximately 70,000 Internet users have been educated by the landing page during this period. We identified 3,917 unique phishing URLs that had been redirected to the landing page. We found 81 URLs that appeared in our log files in email messages archived in the APWG phishing email repository. We present our analysis of the features of these emails.