TY - GEN
T1 - Developing and evaluating a five minute phishing awareness video
AU - Volkamer, Melanie
AU - Renaud, Karen
AU - Reinheimer, Benjamin
AU - Rack, Philipp
AU - Ghiglieri, Marco
AU - Mayer, Peter
AU - Kunz, Alexandra
AU - Gerber, Nina
A2 - Furnell, Steven
A2 - Mouratidis, Haralambos
A2 - Pernul, Günther
N1 - Conference code: 15
PY - 2018/7/27
Y1 - 2018/7/27
N2 - Confidence tricksters have always defrauded the unwary. The computer era has merely extended their range and made it possible for them to target anyone in the world who has an email address. Nowadays, they send phishing messages that are specially crafted to deceive. Improving user awareness has the potential to reduce their effectiveness. We have previously developed and empirically-validated phishing awareness programmes. Our programmes are specifically designed to neutralize common phish-related misconceptions and teach people how to detect phishes. Many companies and individuals are already using our programmes, but a persistent niggle has been the amount of time required to complete the awareness programme. This paper reports on how we responded by developing and evaluating a condensed phishing awareness video that delivered phishing awareness more efficiently. Having watched our video, participants in our evaluation were able to detect phishing messages significantly more reliably right after watching the video (compared to before watching the video). This ability was also demonstrated after a retention period of eight weeks after first watching the video.
AB - Confidence tricksters have always defrauded the unwary. The computer era has merely extended their range and made it possible for them to target anyone in the world who has an email address. Nowadays, they send phishing messages that are specially crafted to deceive. Improving user awareness has the potential to reduce their effectiveness. We have previously developed and empirically-validated phishing awareness programmes. Our programmes are specifically designed to neutralize common phish-related misconceptions and teach people how to detect phishes. Many companies and individuals are already using our programmes, but a persistent niggle has been the amount of time required to complete the awareness programme. This paper reports on how we responded by developing and evaluating a condensed phishing awareness video that delivered phishing awareness more efficiently. Having watched our video, participants in our evaluation were able to detect phishing messages significantly more reliably right after watching the video (compared to before watching the video). This ability was also demonstrated after a retention period of eight weeks after first watching the video.
KW - phishing awareness
KW - use study
KW - retention study
U2 - 10.1007/978-3-319-98385-1_9
DO - 10.1007/978-3-319-98385-1_9
M3 - Conference contribution book
SN - 9783319983844
SN - 3319983849
VL - 11033
T3 - Lecture Notes in Computer Science
SP - 119
EP - 134
BT - Trust, Privacy and Security in Digital Business
PB - Springer
CY - Cham
T2 - 15th International Conference on Trust, Privacy and Security in Digital Business 2018
Y2 - 5 September 2018 through 6 September 2018
ER -