Jan 12, 2024 | Conference proceedings, Research library
We describe ethical and procedural aspects of setting up and conducting phishing experiments, drawing on experience gained from being involved in the design and execution of a sequence of phishing experiments (second author), and from being involved in the review of...
Jan 12, 2024 | Journal article, Research library
Objective: We use signal detection theory to measure vulnerability to phishing attacks, including variation in performance across task conditions.Background: Phishing attacks are difficult to prevent with technology alone, as long as technology is operated by people....
Jan 12, 2024 | Conference proceedings, Research library
As organizations continue to invest in phishing awareness training programs, many Chief Information Security Officers (CISOs) are concerned when their training exercise click rates are high or variable, as they must justify training budgets to those who question the...
Jan 12, 2024 | Conference proceedings, Research library
This paper examines the cues that typically differentiate phishing emails from genuine emails. The research is conducted in two stages. In the first stage, we identify the cues that actually differentiate between phishing and genuine emails. These are the consistency...
Jan 3, 2024 | Journal article, Research library
Phishing emails provide a means to infiltrate the technical systems of organisations by encouraging employees to click on malicious links or attachments. Despite the use of awareness campaigns and phishing simulations, employees remain vulnerable to phishing emails....
Jan 3, 2024 | Journal article, Research library
Social-psychological research on phishing has implicated ineffective cognitive processing as the key reason for individual victimization. Interventions have consequently focused on training individuals to better detect deceptive emails. Evidence, however, points to...
