Developing and evaluating a five minute phishing awareness video

Volkamer, Melanie and Renaud, Karen and Reinheimer, Benjamin and Rack, Philipp and Ghiglieri, Marco and Mayer, Peter and Kunz, Alexandra and Gerber, Nina; Furnell, Steven and Mouratidis, Haralambos and Pernul, Günther, eds. (2018) Developing and evaluating a five minute phishing awareness video. In: Trust, Privacy and Security in Digital Business. Lecture Notes in Computer Science, 11033 . Springer, DEU, pp. 119-134. ISBN 9783319983851 (https://doi.org/10.1007/978-3-319-98385-1_9)

[thumbnail of Volkamer-etal-TPSDB2018-Developing-evaluating-five-minute-phishing-awareness-video]
Preview
 Text. Filename: Volkamer_etal_TPSDB2018_Developing_evaluating_five_minute_phishing_awareness_video.pdf
Accepted Author Manuscript
Download (290kB)| Preview

Abstract

Confidence tricksters have always defrauded the unwary. The computer era has merely extended their range and made it possible for them to target anyone in the world who has an email address. Nowadays, they send phishing messages that are specially crafted to deceive. Improving user awareness has the potential to reduce their effectiveness. We have previously developed and empirically-validated phishing awareness programmes. Our programmes are specifically designed to neutralize common phish-related misconceptions and teach people how to detect phishes. Many companies and individuals are already using our programmes, but a persistent niggle has been the amount of time required to complete the awareness programme. This paper reports on how we responded by developing and evaluating a condensed phishing awareness video that delivered phishing awareness more efficiently. Having watched our video, participants in our evaluation were able to detect phishing messages significantly more reliably right after watching the video (compared to before watching the video). This ability was also demonstrated after a retention period of eight weeks after first watching the video.

CORE (COnnecting REpositories)