50 Shades of Deceptive Patterns: A Unified Taxonomy, Multimodal Detection, and Security Implications

📅 2025-01-23
📈 Citations: 0
Influential: 0
🤖 AI Summary
Existing deceptive pattern (DP) detection methods rely heavily on manual analysis and generalize poorly. To address this, we propose the first unified DP taxonomy for security and privacy, integrating cognitive bias theory with security principles. We construct a high-quality, multi-platform benchmark dataset comprising 6,725 images and 10,421 annotated DP instances. Furthermore, we design DPGuard, the first end-to-end, fully automated DP detection framework leveraging commercial multimodal large language models (MLLMs). Experimental results demonstrate that DPGuard outperforms state-of-the-art approaches in accuracy. In large-scale empirical evaluation across 2,000 mainstream apps and websites, DPGuard identifies deceptive patterns in 23.61% of mobile screenshots and 47.27% of web screenshots. Notably, our work uncovers four previously undocumented security risks stemming from DPs and supports four original case studies on their real-world security impacts.

📝 Abstract
Deceptive patterns (DPs) are user interface designs deliberately crafted to manipulate users into unintended decisions, often by exploiting cognitive biases for the benefit of companies or services. While numerous studies have explored ways to identify these deceptive patterns, many existing solutions require significant human intervention and struggle to keep pace with the evolving nature of deceptive designs. To address these challenges, we expanded the deceptive pattern taxonomy from security and privacy perspectives, refining its categories and scope. We created a comprehensive dataset of deceptive patterns by integrating existing small-scale datasets with new samples, resulting in 6,725 images and 10,421 DP instances from mobile apps and websites. We then developed DPGuard, a novel automatic tool leveraging commercial multimodal large language models (MLLMs) for deceptive pattern detection. Experimental results show that DPGuard outperforms state-of-the-art methods. Finally, we conducted an extensive empirical evaluation on 2,000 popular mobile apps and websites, revealing that 23.61% of mobile screenshots and 47.27% of website screenshots feature at least one deceptive pattern instance. Through four unexplored case studies that inform security implications, we highlight the critical importance of the unified taxonomy in addressing the growing challenges of Internet deception.

Problem

Research questions and friction points this paper is trying to address.

Automated Detection
Deception Patterns
Machine Learning

Innovation

Methods, ideas, or system contributions that make the work stand out.

Deception Pattern Taxonomy
DPGuard Automation Tool
Language Model for Deception Detection

Zewei Shi
The University of Melbourne, Melbourne, VIC, Australia; CSIRO’s Data61, Sydney, NSW, Australia

Ruoxi Sun
CSIRO’s Data61, Adelaide, SA, Australia

Jieshan Chen
Research Scientist, CSIRO's DATA61
User Interface, Software Engineering, Deep Learning, Human Computer Interaction, Responsible AI

Jiamou Sun
Data61, CSIRO
Responsible AI

Minhui Xue
CSIRO’s Data61, Adelaide, SA, Australia

Yansong Gao
The University of Western Australia, Perth, WA, Australia

Feng Liu
The University of Melbourne, Melbourne, VIC, Australia

Xingliang Yuan
School of Computing and Information Systems, University of Melbourne
Secure Networked System, Encrypted Databases, Trustworthy ML/AI, AI Safety