Sciweavers

Share
ECRIME
2007

Getting users to pay attention to anti-phishing education: evaluation of retention and transfer

11 years 9 months ago
Getting users to pay attention to anti-phishing education: evaluation of retention and transfer
Educational materials designed to teach users not to fall for phishing attacks are widely available but are often ignored by users. In this paper, we extend an embedded training methodology using learning science principles in which phishing education is made part of a primary task for users. The goal is to motivate users to pay attention to the training materials. In embedded training, users are sent simulated phishing attacks and trained after they fall for the attacks. Prior studies tested users immediately after training and demonstrated that embedded training improved users' ability to identify phishing emails and websites. In the present study, we tested users to determine how well they retained knowledge gained through embedded training and how well they transferred this knowledge to identify other types of phishing emails. We also compared the effectiveness of the same training materials delivered via embedded training and delivered as regular email messages. In our exper...
Ponnurangam Kumaraguru, Yong Rhee, Steve Sheng, Sh
Added 14 Aug 2010
Updated 14 Aug 2010
Type Conference
Year 2007
Where ECRIME
Authors Ponnurangam Kumaraguru, Yong Rhee, Steve Sheng, Sharique Hasan, Alessandro Acquisti, Lorrie Faith Cranor, Jason I. Hong
Comments (0)
books