50 Shades of Deceptive Patterns: A Unified Taxonomy, Multimodal Detection, and Security Implications

Date

2025

Authors

Shi, Z.
Sun, R.
Chen, J.
Sun, J.
Xue, M.
Gao, Y.
Liu, F.
Yuan, X.

Editors

Advisors

Journal Title

Journal ISSN

Volume Title

Type:

Conference paper

Citation

Proceedings of the ACM Web Conference (WWW'25), 2025, pp.978-989

Statement of Responsibility

Zewei Shi, Ruoxi Sun, Jieshan Chen, Jiamou Sun, Minhui Xue, Yansong Gao, Feng Liu, Xingliang Yuan

Conference Name

ACM Web Conference (WWW) (28 Apr 2025 - 2 May 2025 : Sydney, NSW, Australia)

DOI

10.1145/3696410.3714593

Abstract

Deceptive patterns (DPs) are user interface designs deliberately crafted to manipulate users into unintended decisions, often by exploiting cognitive biases for the benefit of companies or services. While numerous studies have explored ways to identify these deceptive patterns, many existing solutions require significant human intervention and struggle to keep pace with the evolving nature of deceptive designs. To address these challenges, we expanded the deceptive pattern taxonomy from security and privacy perspectives, refining its categories and scope.We created a comprehensive dataset of deceptive patterns by integrating existing small-scale datasets with new samples, resulting in 6,725 images and 10,421 DP instances from mobile apps and websites. We then developed DPGuard, a novel automatic tool leveraging commercial multimodal large language models (MLLMs) for deceptive pattern detection. Experimental results show that DPGuard outperforms state-of-the-art methods. An extensive empirical evaluation on 2,000 popular mobile apps and websites reveals that 25.7% of mobile apps and 49.0% websites feature at least one deceptive pattern instance. Through 4 unexplored case studies that inform security implications, we highlight the critical importance of the unified taxonomy in addressing the growing challenges of Internet deception.

School/Discipline

Dissertation Note

Provenance

Description

Session 17: Phishing, Deception, and Consumer Risks

Access Status

Rights

© 2025 Copyright held by the owner/author(s). Publication rights licensed to ACM. Open Access.

License

Grant ID

http://purl.org/au-research/grants/arc/DP230101540
 http://purl.org/au-research/grants/arc/DE240101089
 http://purl.org/au-research/grants/arc/DP240103068

Published Version

https://dl.acm.org/doi/proceedings/10.1145/3696410

Call number

Persistent link to this record

https://hdl.handle.net/2440/148154