Adopting the CMU/APWG Anti-phishing Landing Page Idea for Germany

Security and Trust Management

Bergmann

et al. 2014

Self Cite

Phishing is still a prevalent issue in today's Internet. It can have financial or personal consequences. Attacks continue to become more and more sophisticated and the advanced ones (including spear phishing) can only be detected if people carefully check URLs. We developed a game based smartphone app -NoPhish -to educate people in accessing, parsing and checking URLs; i.e. enabling them to distinguish trustworthy and non-trustworthy websites. Throughout several levels information is provided and phishing detection is exercised.

Section: Introductionsupporting

confidence: 90%

NoPhish: An Anti-Phishing Education App

Canova

Security and Trust Management

Bergmann

et al. 2014

Self Cite

“…A further study [22] built upon the evaluation in [23,24] and tested the participants' retention via multiple simulated phishing emails sent over the course of 28 days, with the results showing no significant loss of retention by the end of study. A similar approach but with spear phishing messages was studied in [9,38]. The study in [10] further evaluated the effectiveness of an anti-phishing training based on three simulated phishing trials over a two month period, showing significant improvements even after the end of the study.…”

Section: Related Workmentioning

confidence: 99%

Developing and Evaluating a Five Minute Phishing Awareness Video

Trust, Privacy and Security in Digital Business

Renaud

Reinheimer

et al. 2018

Self Cite

Confidence tricksters have always defrauded the unwary. The computer era has merely extended their range and made it possible for them to target anyone in the world who has an email address. Nowadays, they send phishing messages that are specially crafted to deceive. Improving user awareness has the potential to reduce their effectiveness. We have previously developed and empirically-validated phishing awareness programmes. Our programmes are specifically designed to neutralize common phish-related misconceptions and teach people how to detect phishes. Many companies and individuals are already using our programmes, but a persistent niggle has been the amount of time required to complete the awareness programme. This paper reports on how we responded by developing and evaluating a condensed phishing awareness video that delivered phishing awareness more efficiently. Having watched our video, participants in our evaluation were able to detect phishing messages significantly more reliably right after watching the video (compared to before watching the video). This ability was also demonstrated after a retention period of eight weeks after first watching the video.

“…emails [25]. This is done by enabling them to send themselves with the NoPhish app an email from a sender address they provide in a corresponding form; and with a content they provide there as well.…”

Section: Introduction Partsmentioning

confidence: 99%

Learn to Spot Phishing URLs with the Android NoPhish App

Canova

Information Security Education Across the Curriculum

Bergmann

et al. 2015

Self Cite

Phishing is a prevalent issue in today's Internet. It can have financial or personal consequences. Attacks continue to become more and more sophisticated and the advanced ones (including spear phishing) can only be detected if people carefully check URLs -be it in messages or in the address bar of the web browser. We developed a game-based smartphone app -NoPhish -to educate people in accessing, parsing and checking URLs; i.e. enabling them to distinguish between trustworthy and non-trustworthy messages and websites. Throughout several levels of the game information is provided and phishing detection is exercised in a playful manner. Several learning principles were applied and the interfaces and texts were developed in a user-centered design.