Zheng, Sarah Y;
Becker, Ingolf;
(2023)
Phishing to improve detection.
In:
Proceedings of the 2023 European Symposium on Usable Security (EuroUSEC 2023).
ACM (Association for Computing Machinery)
(In press).
Preview |
Text
Zheng_phishing_2023.pdf Download (2MB) | Preview |
Abstract
Phishing e-mail scams continue to threaten organisations around the world. With generative artificial intelligence, conventional phishing detection advice such as looking out for linguistic errors and bad layouts will become obsolete. New approaches to improve people’s ability to detect phishing are essential. We report on promising results from two experiments (total N = 183) that engaging people with an adversarial mindset improves their ability to detect phishing e-mails compared to those who received conventional or no training. Participants who completed conventional training were nearly three times as likely to fall for a simulated phishing attack compared to those who completed the adversarial training, in which they watched a fictitious cybercriminal explain how to devise a targeted phishing e-mail, and then wrote targeted phishing e-mails themselves. Although further research is needed to examine the training’s long-term efficacy with larger sample sizes, the present findings show an encouraging alternative to conventional phishing training approaches.
Type: | Proceedings paper |
---|---|
Title: | Phishing to improve detection |
Event: | The 2023 European Symposium on Usable Security (EuroUSEC 2023) |
Location: | Copenhagen, Denmar |
Dates: | 16th-17th October 2023 |
ISBN-13: | 979-8-4007-0814-5/23/10 |
Open access status: | An open access version is available from UCL Discovery |
DOI: | 10.1145/3617072.3617121 |
Publisher version: | https://dl.acm.org/conference/eurousec |
Language: | English |
Additional information: | © The Authors 2023. Original content in this paper is licensed under the terms of the Creative Commons Attribution 4.0 International (CC BY 4.0) Licence (https://creativecommons.org/licenses/by/4.0/). |
Keywords: | phishing detection, cybersecurity training, adversarial mindset |
UCL classification: | UCL UCL > Provost and Vice Provost Offices > UCL BEAMS UCL > Provost and Vice Provost Offices > UCL BEAMS > Faculty of Engineering Science UCL > Provost and Vice Provost Offices > UCL BEAMS > Faculty of Engineering Science > Dept of Security and Crime Science |
URI: | https://discovery.ucl.ac.uk/id/eprint/10175677 |
Archive Staff Only
View Item |