Users represent the primary source of cyber security breaches. Unfortunately, Cyber Security Awareness training often fails to capture their interest and is perceived as a secondary task, an impediment, or a distraction from their core responsibilities. This indifference poses a significant risk to organizations, as cyber security breaches collectively cost businesses billions annually. An effective solution lies in the implementation of gamification, offering an engaging and interactive alternative to mandated training sessions. Among the vulnerable segments, university students stand out, as research indicates they are more susceptible to falling for phishing attacks. While numerous Serious Games are available, this paper concentrates on crafting a captivating and appealing gamified training method tailored specifically to university students. The novelty of this research lies in its format and competitive aspects. Furthermore, the training’s effectiveness was assessed by comparing it to non-trained users. The analysis of survey results contributes to the scientific knowledge base concerning phishing prevention training. Additionally, the Serious Game developed for this purpose can be incorporated into the existing pool of games, narrowing the gap of available games addressing phishing.
The Impact of Workload on Phishing Susceptibility: An Experiment
Phishing is when social engineering is used to deceive a person into sharing sensitive information or downloading...