Phish Derby: Shoring the Human Shield Through Gamified Phishing Attacks

Canham, Matthew; Posey, Clay; Constantino, Michael J.

doi:10.3389/feduc.2021.807277

Cited by 13 publications

(8 citation statements)

References 49 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

Section: Rqmentioning

confidence: 96%

“…Positive behavior changes, as a measurable outcome associated with game elements, are supported by the studies of [16] and [47]. In their study, [47] explored the impact of gamification elements, including Points, Competition, Alerts, and Feedback, in the Phish Derby experiment. The Phish Derby experiment involved gamifying phishing security awareness training to understand employees' reporting behaviors regarding phishing emails.…”

Section: Rqmentioning

confidence: 96%

“…The results showed an average improvement of 51.4% in security awareness, suggesting that gamification actively engaged employees and contributed to increased security awareness. Study [47] emphasized the positive impact of gamification in phishing awareness exercises, particularly with the Phish Derby. Participants enjoyed the gamified experience, highlighting that the focus on positive To enhance information security awareness by increasing user motivation and reducing learning barriers.…”

Section: Rq1 Does Gamification Make Learning About Cybersecurity Awar...mentioning

confidence: 99%

“…In summary, gamified elements consistently yield measurable results, such as increased knowledge, improved engagement, and behavior changes, effectively aligning with specific learning goals in cybersecurity. These include enhanced cybersecurity understand ing and awareness [6], [26], demonstrated by improved phishing threat recognition [47] and positive changes in employee behavior related to cybersecurity practices [6], as evidenced by improved password selection [16].…”

Section: Rqmentioning

confidence: 99%

See 3 more Smart Citations

Gamification of Cybersecurity Awareness for Non-IT Professionals: A Systematic Literature Review

Gwenhure,

Sapty Rahayu

2024

IJSG

View full text Add to dashboard Cite

This literature review delves into research on the gamification of cybersecurity awareness for non-IT professionals, aiming to provide an accurate report on known and unknown information regarding three key questions: the impact of gamification on cybersecurity awareness interest and engagement, measurable results related to game elements and their connection to specific learning goals, and the long-term effectiveness of gamified cybersecurity. Examining five relevant papers, the findings confirm short-term effectiveness and indicate that the incorporation of various game elements, such as storytelling, team leaderboards, and interactive scenarios, results in increased knowledge, improved engagement, and positive behavior changes aligned with specific cybersecurity awareness learning goals. However, the review also identifies recurring gaps in evaluating individual game elements and customizing gamification strategies for non-IT professionals. Highlighting a critical gap in understanding long-term effectiveness, we argue for further empirical studies to consider habituation effects, emphasizing the need for a nuanced understanding of gamification's impact on cybersecurity awareness over an extended period. Thus, the review contributes to the existing body of knowledge by emphasizing the necessity for empirical studies focusing on sustained, long-term effectiveness and habituation effects in gamified cybersecurity initiatives.

show abstract

Section: Rqmentioning

confidence: 96%

Section: Rqmentioning

confidence: 96%

Section: Rq1 Does Gamification Make Learning About Cybersecurity Awar...mentioning

confidence: 99%

Section: Rqmentioning

confidence: 99%

See 2 more Smart Citations

Gamification of Cybersecurity Awareness for Non-IT Professionals: A Systematic Literature Review

Gwenhure,

Sapty Rahayu

2024

IJSG

View full text Add to dashboard Cite

show abstract

“…Maladaptive cybersecurity behaviors (i.e., impulsive clicking) have been identified as a major threat to both individual and organizational security (Canham et al, 2022). Therefore, the course focused on improving cognitive and behavioral factors such as self-efficacy, repeat clicking, and critical thinking in risk assessment to encourage learning.…”

Section: Im Step : the Identification And Definition Of Performance A...mentioning

confidence: 99%

Application of intervention mapping in cybersecurity education design

et al. 2022

View full text Add to dashboard Cite

Education in Cybersecurity is considered one of the key challenges facing the modern digitized world. Several frameworks, e.g., developed by NIST or ENISA, have defined requirements for cybersecurity education but do not give recommendations for their development. Developing appropriate education offerings need to incorporate theory-based approaches that are evidence supported. Adopting the Intervention Mapping paradigm, we propose an educational framework incorporating validated theoretical and evidence-based approaches to cybersecurity education encompassing stakeholders' input, identified competency needs, and how to implement and evaluate learning outcomes. This paper presents a case study of how Intervention Mapping can be used to help design cybersecurity education, discuss challenges in educational and professional aspects of cybersecurity, and present an applied educational approach based on Intervention Mapping and its evaluation.

show abstract

Individual Deep Fake Recognition Skills are Affected by Viewer’s Political Orientation, Agreement with Content and Device Used

Sütterlin,

Ask,

Mägerle

et al. 2023

Lecture Notes in Computer Science

Self Cite

View full text Add to dashboard Cite

AI-generated "deep fakes" is increasingly used by cybercriminals conducting targeted and tailored social engineering attacks, and for influencing public opinion. To raise awareness and efficiently train individuals in recognizing deep fakes, understanding individual differences in the ability to recognize them is central. Previous research suggested a close relationship between political attitudes and top-down perceptual and cognitive processing styles. In this study, we investigate the impact of political attitudes and agreement with the political message content on individual deep fake recognition skills. 163 adults (72 females = 44.2%) judged a series of video clips with politicians' statements across the political spectrum regarding their authenticity and their agreement with the message content. Half of the presented videos were fabricated via lipsync technology. In addition to agreement with each statement made, global political attitudes towards social and economic topics were assessed via the Social and Economic Conservatism Scale (SECS). There were robust negative associations between participants' general and social conservatism and their ability to recognize fabricated videos, especially when where there was agreement with the message content. Deep fakes watched on mobile phones and tablets were considerably less likely to be recognized compared to when watched on stationary computers. This is the first study to investigate and establish the association between political attitudes and interindividual differences in deep fake recognition. The study supports recently published research suggesting relationships between conservatism and perceived credibility of conspiracy theories and fake news in general. Implications for further research are discussed.

show abstract

Phish Derby: Shoring the Human Shield Through Gamified Phishing Attacks

Cited by 13 publications

References 49 publications

Gamification of Cybersecurity Awareness for Non-IT Professionals: A Systematic Literature Review

Gamification of Cybersecurity Awareness for Non-IT Professionals: A Systematic Literature Review

Application of intervention mapping in cybersecurity education design

Individual Deep Fake Recognition Skills are Affected by Viewer’s Political Orientation, Agreement with Content and Device Used

Contact Info

Product

Resources

About