SoK: a comprehensive reexamination of phishing research from the security perspective

A Das, S Baki, A El Aassal, R Verma… - … Surveys & Tutorials, 2019 - ieeexplore.ieee.org
Phishing and spear phishing are typical examples of masquerade attacks since trust is built
up through impersonation for the attack to succeed. Given the prevalence of these attacks …

Phishing in organizations: Findings from a large-scale and long-term study

D Lain, K Kostiainen, S Čapkun - 2022 IEEE Symposium on …, 2022 - ieeexplore.ieee.org
In this paper, we present findings from a largescale and long-term phishing experiment that
we conducted in collaboration with a partner company. Our experiment ran for 15 months …

[HTML][HTML] Exploring susceptibility to phishing in the workplace

EJ Williams, J Hinds, AN Joinson - International Journal of Human …, 2018 - Elsevier
Phishing emails provide a means to infiltrate the technical systems of organisations by
encouraging employees to click on malicious links or attachments. Despite the use of …

An investigation of phishing awareness and education over time: When and how to best remind users

B Reinheimer, L Aldag, P Mayer, M Mossano… - … Symposium on Usable …, 2020 - usenix.org
Security awareness and education programmes are rolled out in more and more
organisations. However, their effectiveness over time and, correspondingly, appropriate …

Evaluating organizational phishing awareness training on an enterprise scale

D Hillman, Y Harel, E Toch - Computers & Security, 2023 - Elsevier
Employees are often the victims of phishing attacks, posing a threat to both themselves and
their organizations. In response, organizations are dedicating resources, time, and …

What. hack: engaging anti-phishing training through a role-playing phishing simulation game

ZA Wen, Z Lin, R Chen, E Andersen - … of the 2019 CHI Conference on …, 2019 - dl.acm.org
Phishing attacks are a major problem, as evidenced by the DNC hackings during the 2016
US presidential election, in which staff were tricked into sharing passwords by fake Google …

{End-to-End} measurements of email spoofing attacks

H Hu, G Wang - 27th USENIX Security Symposium (USENIX Security …, 2018 - usenix.org
Spear phishing has been a persistent threat to users and organizations, and yet email
providers still face key challenges to authenticate incoming emails. As a result, attackers can …

[HTML][HTML] The impact of formal and informal organizational norms on susceptibility to phishing: Combining survey and field experiment data

G Petrič, K Roer - Telematics and Informatics, 2022 - Elsevier
Phishing is one of the most common forms of social engineering that exploits human
vulnerabilities and causes immense personal and organizational costs. This study advances …

[HTML][HTML] Design and evaluation of an augmented reality game for cybersecurity awareness (CybAR)

H Alqahtani, M Kavakli-Thorne - Information, 2020 - mdpi.com
The number of damaging cyberattacks is increasing exponentially due in part to lack of user
awareness of risky online practices, such as visiting unsafe websites, ignoring warning …

Weak links in authentication chains: A large-scale analysis of email sender spoofing attacks

K Shen, C Wang, M Guo, X Zheng, C Lu, B Liu… - 30th USENIX Security …, 2021 - usenix.org
As a fundamental communicative service, email is playing an important role in both
individual and corporate communications, which also makes it one of the most frequently …