Abstract
Young people are increasingly becoming responsible for the security of their devices, yet do not appear to receive formal instruction on how to protect themselves online. In this paper, we investigate the phish detection performance of teenagers while exploring how their familiarity with a service affects their overall performance in identifying phishing messages. Our study with 83 teenagers finds that teenagers were poor at distinguishing between genuine and phishing messages in an experimental task, yet performance was not affected by the familiarity of the service. However, our participants exhibited riskier behavior when making decisions on unfamiliar messages, suggesting that this is an area for further exploration. We discuss the implications of the poor phishing performance for teenagers and explore possible avenues to improve their awareness of these attacks, e.g. through embedding training content within the school curriculum.
Original language | English |
---|---|
Title of host publication | EuroUSEC 2020 |
Subtitle of host publication | The 5th European Workshop on Usable Security |
Place of Publication | Piscataway |
Publisher | IEEE |
Pages | 140-149 |
Number of pages | 10 |
ISBN (Electronic) | 9781728185972 |
ISBN (Print) | 9781728185989 |
DOIs | |
Publication status | Published - Sept 2020 |
Event | The 5th European Workshop on Usable Security - Genova, Italy, Genova, Italy Duration: 7 Sept 2020 → 7 Sept 2020 Conference number: 2020 https://eusec20.cs.uchicago.edu/ |
Conference
Conference | The 5th European Workshop on Usable Security |
---|---|
Abbreviated title | EuroUSEC |
Country/Territory | Italy |
City | Genova |
Period | 7/09/20 → 7/09/20 |
Internet address |
Keywords
- social engineering
- teenagers
- cybersecurity
- social factors
- phishing