Abstract
Phishing attacks continue to thrive despite continued efforts to inform citizens about their dangers and how to enact protective behaviours. Demonstrations have been shown to help enhance student learning in various disciplines, yet these have not been explored in a security context with lay individuals. We designed and delivered a Breach and Attack Demonstration (BAD) of spear phishing to 10 lay younger adults (18-24) to explore their perceptions of this method as an awareness tool and to capture any long-lasting impressions. Based on semi-structured interviews and survey responses 6 months after the demonstrations, we found that participants were surprised at how simple spear phishing attacks were to enact and this impression persevered 6 months following the BAD. We discuss the benefits and drawbacks of using BADs as an interactive awareness tool, concluding with recommendations for the design of such demon- strations for lay individuals.
Original language | English |
---|---|
Title of host publication | Information Security Education - Challenges in the Digital Age (WISE 2024) |
Editors | Lynette Drevin, Wai Sze Leung, Suné von Solms |
Place of Publication | Cham |
Publisher | Springer |
Pages | 65-80 |
Number of pages | 16 |
ISBN (Electronic) | 9783031629181 |
ISBN (Print) | 9783031629174 |
DOIs | |
Publication status | Published - 11 Jun 2024 |
Event | World Conference on Information Security Education - Edinburgh, United Kingdom Duration: 12 Jun 2024 → 14 Jun 2024 https://www.ifiptc11.org/wg118-wise |
Publication series
Name | IFIP Advances in Information and Communication Technology |
---|---|
Publisher | Springer |
Volume | 707 |
ISSN (Print) | 1868-4238 |
ISSN (Electronic) | 1868-422X |
Conference
Conference | World Conference on Information Security Education |
---|---|
Abbreviated title | WISE |
Country/Territory | United Kingdom |
City | Edinburgh |
Period | 12/06/24 → 14/06/24 |
Internet address |
Keywords
- phishing
- demonstrations
- young adults