| 
  • If you are citizen of an European Union member nation, you may not use this service unless you are at least 16 years old.

View
 

Use Case Scenario

Page history last edited by sambhavic@... 15 years, 11 months ago

CulturAll 2.0 logo

Home

 

Bob is a visually impaired student who uses assistive technology to access email and the internet.  He receives an email purportedly from university administration instructing him to go to a website to update his personal information.  Upon arrival at the website, he hears prompts for a form asking for information such as his social insurance number.  He has been warned many times to protect this sort of information, so he instructs a browser plug-in to ask for an “appraisal” of the site.  The URL is sent anonymously to a community web site where both a software server and other people from his university see it.  The server is the first to respond and lets Bob know (within a second) that the URL, while not being in a list of known “phishing” sites, still appears suspicious in that it fits a statistical profile for such sites. 

 

A few minutes later, another sighted user of the system, Jerry, receives the same email that Bob received, views the web form and, from obvious visual cues, is able to immediately discern that it is not legitimate.  Jerry clicks a button in her browser and reports the site to the community as a suspected phishing lure.  The server sees this and updates its statistics accordingly to reinforce its initial classification.  Meanwhile, Bob has delayed entering his SIN into the form given the initial response.  His browser now informs him that another user has reported the site as untrustworthy.  Later, under a pseudonym, Bob posts a thank you message to the community and asks what it was about the site that made it appear fake.  Out of curiosity, Bob’s friend Chris checks out the site and reports back that it was very “disorganized” and “unprofessional”.  Bob then reveals that he is using a screen reader.  With a few other active community members, they discuss cues that might allow this particular type of phishing lure to be perceived as such via a screen reader.  This discussion is tagged by Chris as being relevant to both credibility and screen readers and added to the community knowledgebase after having all names replaced with pseudonyms.  (The knowledgebase can be queried for future tool development and refinement.)

Comments (0)

You don't have permission to comment on this page.