Generalizing the phishing principle

Sykosch, Arnold; Doll, Christian; Wübbeling, Matthias; Meier, Michael

doi:10.1145/3407023.3409205

Cited by 2 publications

(1 citation statement)

References 12 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…However, they discovered that the method by which the attack is delivered to the victim matters and can significantly increase up to three times the effect of the base attack. Sykosch et al (2020) introduced a framework that captures user responses to artefacts like phishing tests. They performed user behaviour analysis in response to controlled stimuli for IT security awareness assessment stimuli is something causing or regarded as causing a reply.…”

Section: Url/ Linkmentioning

confidence: 99%

Enhancing Information Security Awareness on Phishing Among It Students: A Pilot Test Case Study at Politeknik Tuanku Syed Sirajuddin

Ismail,

Fammy Rikzan,

Katuk

et al. 2023

jdsd

View full text Add to dashboard Cite

Students engage with the core operations of university business processes, making them potential targets susceptible to significant cyberattack risks due to their limited experience and knowledge in information security. Consequently, IT students must gain awareness and competence in information security to mitigate potential threats and attacks, including those related to Information Technology (IT) security threats and the loss of valuable information and intellectual assets. This paper aims to assess the Phishing Awareness Program implemented at the Department of Information Technology and Communication (ITC) in Politeknik Tuanku Syed Sirajuddin (PTSS) and its students' awareness level. The significance of this study is focusing on students’ weaknesses and educating them about being cyber victims. Thirty students were involved in participating in this survey. They were given a set of questionnaires and performed pre-test and post-tests. After that, they were given three videos related to phishing and, later, three videos related to the consequences of phishing. Their awareness evaluation was performed after video training had been completed. Even though the score results of the post-test were increased and got positive feedback from respondents, several respondents still got the medium-level score. Suggestion for improvement was obtained to improve the current video content and its implementation. This work contributes to the information security awareness domain, where managers at higher learning institutions can replicate similar processes as proposed in this work in conducting similar training awareness with their students.

show abstract

Section: Url/ Linkmentioning

confidence: 99%