Investigating Teenagers’ Ability to Detect Phishing Messages

James Nicholson, Yousra Javed, Matt Dixon, Lynne Coventry, Opeyemi Dele-Ajayi, Philip Anderson

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

25 Citations (Scopus)
91 Downloads (Pure)

Abstract

Young people are increasingly becoming responsible for the security of their devices, yet do not appear to receive formal instruction on how to protect themselves online. In this paper, we investigate the phish detection performance of teenagers while exploring how their familiarity with a service affects their overall performance in identifying phishing messages. Our study with 83 teenagers finds that teenagers were poor at distinguishing between genuine and phishing messages in an experimental task, yet performance was not affected by the familiarity of the service. However, our participants exhibited riskier behavior when making decisions on unfamiliar messages, suggesting that this is an area for further exploration. We discuss the implications of the poor phishing performance for teenagers and explore possible avenues to improve their awareness of these attacks, e.g. through embedding training content within the school curriculum.
Original languageEnglish
Title of host publicationEuroUSEC 2020
Subtitle of host publicationThe 5th European Workshop on Usable Security
Place of PublicationPiscataway
PublisherIEEE
Pages140-149
Number of pages10
ISBN (Electronic)9781728185972
ISBN (Print)9781728185989
DOIs
Publication statusPublished - Sept 2020
EventThe 5th European Workshop on Usable Security - Genova, Italy, Genova, Italy
Duration: 7 Sept 20207 Sept 2020
Conference number: 2020
https://eusec20.cs.uchicago.edu/

Conference

ConferenceThe 5th European Workshop on Usable Security
Abbreviated titleEuroUSEC
Country/TerritoryItaly
CityGenova
Period7/09/207/09/20
Internet address

Keywords

  • social engineering
  • teenagers
  • cybersecurity
  • social factors
  • phishing

Fingerprint

Dive into the research topics of 'Investigating Teenagers’ Ability to Detect Phishing Messages'. Together they form a unique fingerprint.

Cite this