Mattia Mossano, M.Sc. M.A.

Mattia Mossano, M.Sc. M.A.

Contact

PGP-Key: key External Link
Fingerprint: 1B45 2776 BB5A 6231 8F6E 5083 4BA2 D855 D286 D5F6

S/MIME-Certificate: Certificate

Curriculum Vitae

Mattia Mossano has been working as a research assistant at SECUSO since December 2019. Before joining KIT, he completed his master's degree in cognitive science at the School of Informatics University of Edinburgh. The thesis dealt with the investigation of general advice against phishing attacks found on various public websites. He also wrote a master's thesis in philosophy at the University of Genoa, which criticized the use of evolutionary algorithms to generate general AIs.

Research interests

  • Anti-phishing training
  • User awareness material
  • URL readability enhancement
  • Accessible cybersecurity

Teaching

2025
  • Organiser SECUSO Research Seminar
  • WiSe: Praktikum "Security, Usability, and Society"
2024
  • Organiser SECUSO Research Seminar
  • WiSe: Praktikum "Security, Usability, and Society"
  • SoSe: Praktikum "Security, Usability, and Society"
2023
  • Organiser SECUSO Research Seminar
  • WiSe: Praktikum "Security, Usability, and Society"
2022
  • Organiser SECUSO Research Seminar
  • SoSe: Praktikum "Security, Usability, and Society"
2021
  • Organiser SECUSO Research Seminar
  • WiSe: Praktikum "Security, Usability, and Society"
  • SoSe: Praktikum "Security, Usability, and Society"
2020
  • Organiser SECUSO Research Seminar
  • SoSe: Praktikum "Security, Usability, and Society"

Co-supervision

Bachelor Thesis

  • Marcus Weigand (supervised by Prof. Dr. Melanie Volkamer and Mattia Mossano): Evaluation of Usable PIN Pad Interfaces for Users with Rheumatoid Arthritis (October 2024)
  • Matthias Teuber (supervised by Prof. Dr. Andreas Oberweis, Prof. Dr. Melanie Volkamer, Dr-Ing. Gunther Schiefer and Mattia Mossano): Usability study of mobile authentication for elderly users with rheumatoid arthritis (August 2023)
  • Rozalina Doneva  (supervised by Prof. Dr. Melanie Volkamer, Prof. Dr. Jörn Müller-Quade and Mattia Mossano): Development and Evaluation of Interventions to Motivate Users to Take Security Protection Measures (May 2021)

Awards

Distinguished Paper Award
Symposium on Usable Security (USEC) - San Diego
26th February 2024

Scientific Services

PC member

  • WASP 2024

Reviewing activities

  • CHI 2025
  • EuroUSEC 2024
  • WASP 2024
  • CHI 2024
  • EuroUSEC 2024
  • CHI 2023
  • TOPS 2022
  • ARES 2022
  • EuroUSEC 2020

Talks

SMILE4VIP: Intervention to Support Visually Impaired Users Against Phishing
Workshop on Accessible Security & Privacy (WASP) - Vienna, Austria
12th July 2024

Literature Review: Misconceptions about Phishing
IFIP International Symposium on Human Aspects of Information Security & Assurance (HAISA) - Skövde, Sweden
10th July 2024

Exploring Phishing Threats through QR Codes in Naturalistic Settings
Symposium on Usable Security and Privacy (USEC) - San Diego
26th February 2024

Influence of URL Formatting on Users' Phishing URL Detection
European Symposium on Usable Security (EuroUSEC) - Copenhagen
17th October 2023

An Introduction to Phishing through Research Results
Guest lecture in the course "Usable Security and Privacy" of the University of Paderborn
4th July 2023

Design and Evaluation of an Anti-Phishing Artifact Based on Useful Transparency
International Workshop on Socio-Technical Aspects in Security (STAST) - Copenhagen
29th September 2022

Security and Privacy for Everyone
DFS Deutsche Flugsicherung GmbH - Online
31st March 2022

Security and Privacy for Everyone
Nacht der Wissenschaft - Online
26th November 2021

SMILE - Smart eMaIl Link domain Extractor
Security, Privacy, Organizations, and Systems Engineering (SPOSE) - Online
8th October 2021

Analysis of publicly available anti-phishing webpages: contradicting information, lack of concrete advice and very narrow attack vector
European Workshop on Usable Security (EuroUSEC) - Online
7th September 2020

Publications


Literature Review: Misconceptions About Phishing
Mossano, M.; Volkamer, M.
2025. Human Aspects of Information Security and Assurance : 18th IFIP WG 11.12 International Symposium, HAISA 2024, Skövde, Sweden, July 9–11, 2024, Proceedings, Part I, 215–228, Springer Nature Switzerland. doi:10.1007/978-3-031-72559-3
SMILE4VIP: Intervention to Support Visually Impaired Users Against Phishing
Bohlender, M.; Morisco, R.; Mossano, M.; Schwarz, T.; Volkamer, M.
2024. 2024 IEEE European Symposium on Security and Privacy Workshops (EuroS&PW), Vienna, 8th-12th July 2024, 650 – 657, Institute of Electrical and Electronics Engineers (IEEE). doi:10.1109/EuroSPW61312.2024.00079
Better Together: The Interplay Between a Phishing Awareness Video and a Link-centric Phishing Support Tool
Berens, B. M.; Schaub, F.; Mossano, M.; Volkamer, M.
2024. Proceedings of the CHI Conference on Human Factors in Computing Systems, 1–60, Association for Computing Machinery (ACM). doi:10.1145/3613904.3642843
Exploring Phishing Threats through QR Codes in Naturalistic Settings
Sharevski, F.; Mossano, M.; Veit, M. F.; Schiefer, G.; Volkamer, M.
2024. Symposium on Usable Security and Privacy (USEC) 2024. doi:10.14722/usec.2024.23050
Taking 5 minutes protects you for 5 months: Evaluating an anti-phishing awareness video
Berens, B. M.; Mossano, M.; Volkamer, M.
2024. Computers & Security, 137, Art.-Nr.: 103620. doi:10.1016/j.cose.2023.103620
Influence of URL Formatting on Users’ Phishing URL Detection
Mossano, M.; Kulyk, O.; Berens, B. M.; Häußler, E. M.; Volkamer, M.
2023. Proceedings of the 2023 European Symposium on Usable Security, 318–333, Association for Computing Machinery (ACM). doi:10.1145/3617072.3617111
Development and Evaluation of an Anti-Phishing Shooting Game
Dietmann, H.; Länge, T.; Matheis, P.; Pawelek, A. A.; Berens, B.; Mossano, M.; Veit, M.; Mayer, P.; Volkamer, M.
2022. Karlsruher Institut für Technologie (KIT). doi:10.5445/IR/1000153329
The Phishing Master Anti-Phishing Game
Dietmann, H.; Länge, T.; Matheis, P.; Pawelek, A. A.; Berens, B.; Mossano, M.; Veit, M.; Mayer, P.; Volkamer, M.
2022, Dezember 8. Annual Computer Security Applications Conference (ACSAC 2022), Austin, TX, USA, 5.–9. Dezember 2022
Design and Evaluation of an Anti-Phishing Artifact Based on Useful Transparency
Beckmann, C.; Berens, B.; Kühl, N.; Mayer, P.; Mossano, M.; Volkamer, M.
2022. International Workshop on Socio-Technical Aspects in Security
SMILE - Smart eMaIl Link Domain Extractor
Mossano, M.; Berens, B.; Heller, P.; Beckmann, C.; Aldag, L.; Mayer, P.; Volkamer, M.
2022. Computer Security. ESORICS 2021 International Workshops – CyberICPS, SECPRE, ADIoT, SPOSE, CPS4CIP, and CDT&SECOMANE, Darmstadt, Germany, October 4–8, 2021, Revised Selected Papers. Ed.: S. Katsikas, 403–412, Springer International Publishing. doi:10.1007/978-3-030-95484-0_23
Phishing awareness and education – When to best remind?
Berens, B. M.; Dimitrova, K.; Mossano, M.; Volkamer, M.
2022. Symposium on Usable Security and Privacy (USEC), co-located with the Network and Distributed System Security Symposium (NDSS 2022), San Diego, CA, April 23, 2022. doi:10.14722/usec.2022.23075
Reporting on insights gained into UK citizens’ perceptions of contactless card risks
Aldag, L.; Renaud, K.; Berens, B.; Düzgün, R.; Mossano, M.; Volkamer, M.
2020. Karlsruher Institut für Technologie (KIT). doi:10.5445/IR/1000137542
How to Increase Smart Home Security and Privacy Risk Perception
Duezguen, R.; Mayer, P.; Berens, B.; Beckmann, C.; Aldag, L.; Mossano, M.; Volkamer, M.; Strufe, T.
2021. 20th IEEE International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom), 18 - 20 Augus 2021, Shenyang, China, 997–1004, Institute of Electrical and Electronics Engineers (IEEE). doi:10.1109/TrustCom53373.2021.00138
Analysis of publicly available anti-phishing webpages: contradicting information, lack of concrete advice and very narrow attack vector
Mossano, M.; Vaniea, K.; Aldag, L.; Düzgün, R.; Mayer, P.; Volkamer, M.
2020. IEEE European Symposium on Security and Privacy 2020, (EuroS&PW) - The 5th European Workshop on Usable Security, September 7, 2020, Online (ursprünglich: June 15, 2020, Genova, Italy), 130–139, Institute of Electrical and Electronics Engineers (IEEE). doi:10.1109/EuroSPW51379.2020.00026
An investigation of phishing awareness and education over time: When and how to best remind users
Reinheimer, B. M.; Aldag, L.; Mayer, P.; Mossano, M.; Düzgün, R.; Lofthouse, B.; Landesberger, T. von; Volkamer, M.
2020. Proceedings of the Sixteenth Symposium on Usable Privacy and Security (SOUPS 2020) : August 10-11, 2020, 259–284, Advanced Computing Systems Association (USENIX)