<

>

Personal Project 2:

Phishing Detection

I PREVENT.

Not every link is what it seems.
But Canary knows.
Keeps you safe before you click.

1

2

3

4

5

Lesson Learned

Key Insights

Hi-Fidelity Prototype

Lo-Fidelity Prototype

Brainstorm Solutions

Opportunity

Challenge

Initial Insights

Discovery

Research

Ideation

Prototype

Reflect

UX Process

Competitive Analysis

The Why

Hypothesis

DISCOVERY

What is a Phishing Detection Tool?

This tool is a browser extension that automatically scans links in real time using trusted sources to detect phishing links. It empowers non-technical users to browse safely without manually checking and secure sandbox options for risky links.

Initial Insights

During initial research, I realized that most phishing detection tools require users to manually check if a link is a phishing threat or not and that there is no secure environment for them to browse if they do choose to continue with these risky websites.

Hypothesis

What if we make the phishing detection tool more proactive instead of reactive, more users may be protected against phishing scam links or emails.

Understanding the Challenge and Opportunity

RESEARCH

Timeline

Nov 2024 - Feb 2025

The Opportunity

To design a phishing detection tool that automatically check links when the user is browsing and allow for an environment for safe browsing.

The Challenge

To help users protect themselves from social engineering attacks like phishing scams.

Tools

Figma & VS Code

Role & Responsibilities

Solo UX/UI Designer

Coder

Competitor Analysis

RESEARCH

I researched and compared Canary to a few phishing detection tools such as PhishTank and WoT (Web of Trust) to see how it can differentiate itself to these industry-standard tools.

Crowd-sourced database of phishing websites

PhishTank

Browser Extension that rates website safety

WoT (Web of Trust)

Strengths:

  • Crowdsourced database that updated frequently by a community of users

  • Trusted by several cybersecurity platforms as a phishing database

Weaknesses:

  • Manual checks

  • Interface may be too technical and not intuitive for non-experts.

Compared to Canary:

  • PhishTank is reliable for cross-referencing known phishing URLs but requires manual input which is inconvenient.

  • Canary automates the detection process and provides a sandbox environment to explore the links safely.

Strengths:

  • Real-Time warnings that passively monitors and flags unsafe websites

  • Easy to understand icons for safe, risky and dangerous websites

Weaknesses:

  • Primarily focuses on reputation by community rather than deep threat analysis.

Compared to Canary:

  • WoT provides safety ratings based on community input which can sometimes be inaccurate or biased.

  • Canary takes a more data-driven approach using phishing databases to automatically check links.

  • Canary's sandbox environment also offers a unique way to explore suspicious contents.

What I Propose…

IDEATION

By blending a combination of Tier-Based Status, Plain Language Alerts, and a Community Awareness Dashboard, Canary aims to make security more easier to understand and foster a sense of responsibility within residential buildings

An environment for users to continue browsing the suspicious link that will not affect their network.

Sandbox Environment

No more inconvenience of manually checking potentially dangerous URLs

Automatic Phishing Checks

"Solution 2"

"Solution 1"

PROTOTYPE

Lo-Fidelity Prototype

Hi-Fidelity Prototype

Looking Back…

REFLECT

Key Insights & Wins:

Lesson Learned:

  • Taking on the entire design process solo taught me the importance of staying organized, adapting quickly, and prioritizing tasks in order to maintain progress.


  • Since it is a conceptual project, I learned that leveraging AI tools to help with research can boost inspiration and efficiency to streamline my UX process


  • I learned that having a sandbox environment, while difficult to implement, is one of the best ways to ensure that non-technical users do not fall victim and do not accidentally let malicious actors into their networks.

  • I took on the challenge of designing all of Canary features on my own, from start to finish. It was a lot to handle but it pushed me to think creatively and stay organized.


  • Diving into the security market was a new experience, but I quickly figured out where the gaps were and how to address them through design.


  • I prioritized real-time detection without disrupting user's browsing experience, keep alerts clear and actionable.