Understanding the natural human behavior when people interact with Web browsers is essential for building more user-centric interface design that is customized based on user's perception and experience. This paper presents the first empirical study of users' interaction with security indicators in Web browsers in a controlled real life security risk. The work focuses on the natural and spontaneous behavior of the victim's eyes on several predetermined area of interest, and empirically presents users' evaluation of several online logon pages. The experiment and its results provide a quantitative evidence of the usability of visual security indicators in Internet Explorer (IE8). We first categorized a set of Websites and created phishing Web Pages using most known phishing techniques, and then a group of users from different backgrounds and age groups took the controlled experiment on an eye tracking machine. We found that the simplicity approach in Web design causes more damage rather than helping in online security, and that the current sleek design of Web pages helps users find the logon area and overlook the security indicators instead. We also found that the security certificate cue was not used by the participants to determine the legitimacy of the presented Websites. © 2012 IEEE.