A Training Web Platform to Improve Cognitive Skills for Phishing Attacks Detection

Cazares, María; Arévalo, Diana; Andrade, Roberto; Fuertes, Walter; Sánchez-Rubio, Manuel

doi:10.1007/978-981-16-6309-3_4

Cited by 1 publication

(1 citation statement)

References 15 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Falling victim to a phishing attack is more dominant in security attacks because attackers tend to exploit the psychological factors of their target persons into clicking the links [18]. However, various studies [19][20][21][22][23] in phishing susceptibility in healthcare have not explored these psychological theories, except a study by Jalali et al which explored the theory of planned behaviour and collected felt trust [24].…”

Section: Perception and Work Factors With A Phishing Simulation Studymentioning

confidence: 99%

Investigation into Phishing Risk Behaviour among Healthcare Staff

et al. 2022

View full text Add to dashboard Cite

A phishing attack is one of the less complicated ways to circumvent sophisticated technical security measures. It is often used to exploit psychological (as as well as other) factors of human users to succeed in social engineering attacks including ransomware. Guided by the state-of-the-arts in a phishing simulation study in healthcare and after deeply assessing the ethical dilemmas, an SMSbased phishing simulation was conducted among healthcare workers in Ghana. The study adopted an in-the-wild study approach alongside quantitative and qualitative surveys. From the state-of-the art studies, the in-the-wild study approach was the most commonly used method as compared to laboratory-based experiments and statistical surveys because its findings are generally reliable and effective. The attack results also showed that 61% of the targeted healthcare staff were susceptible, and some of the healthcare staff were not victims of the attack because they prioritized patient care and were not susceptible to the simulated phishing attack. Through structural equation modelling, the workload was estimated to have a significant effect on self-efficacy risk (r = 0.5, p-value = 0.05) and work emergency predicted a perceived barrier in the reverse direction at a substantial level of r = −0.46, p-value = 0.00. Additionally, Pearson’s correlation showed that the perceived barrier was a predictor of self-reported security behaviour in phishing attacks among healthcare staff. As a result, various suggestions including an extra workload balancing layer of security controls in emergency departments and better security training were suggested to enhance staff’s conscious care behaviour.

show abstract