Don't click: towards an effective anti-phishing training. A comparative literature review
Email is of critical importance as a communication channel for both business and personal
matters. Unfortunately, it is also often exploited for phishing attacks. To defend against such …
matters. Unfortunately, it is also often exploited for phishing attacks. To defend against such …
SoK: a comprehensive reexamination of phishing research from the security perspective
Phishing and spear phishing are typical examples of masquerade attacks since trust is built
up through impersonation for the attack to succeed. Given the prevalence of these attacks …
up through impersonation for the attack to succeed. Given the prevalence of these attacks …
Advanced social engineering attacks
Social engineering has emerged as a serious threat in virtual communities and is an
effective means to attack information systems. The services used by today's knowledge …
effective means to attack information systems. The services used by today's knowledge …
The human aspects of information security questionnaire (HAIS-Q): two further validation studies
K Parsons, D Calic, M Pattinson, M Butavicius… - Computers & …, 2017 - Elsevier
Abstract Information security awareness (ISA) is integral to protecting an organisation from
cyber threats. The aim of this paper is to further establish the validity of the Human Aspects …
cyber threats. The aim of this paper is to further establish the validity of the Human Aspects …
Phishing happens beyond technology: The effects of human behaviors and demographics on each step of a phishing process
Prior studies have shown that the behaviours and attitudes of Internet users influence the
likelihood of being victimised by phishing attacks. Many scammers design a step-by-step …
likelihood of being victimised by phishing attacks. Many scammers design a step-by-step …
An investigation of phishing awareness and education over time: When and how to best remind users
Security awareness and education programmes are rolled out in more and more
organisations. However, their effectiveness over time and, correspondingly, appropriate …
organisations. However, their effectiveness over time and, correspondingly, appropriate …
Encouraging employee engagement with cybersecurity: How to tackle cyber fatigue
Cybersecurity fatigue is a form of work disengagement specific to cybersecurity. It manifests
as a weariness or aversion to cybersecurity-related workplace behaviors or advice and …
as a weariness or aversion to cybersecurity-related workplace behaviors or advice and …
Predicting susceptibility to social influence in phishing emails
K Parsons, M Butavicius, P Delfabbro, M Lillie - International Journal of …, 2019 - Elsevier
To reduce the threat caused by phishing attacks, it is vital to investigate why some phishing
attacks are successful, and why some people are more susceptible to them than others. To …
attacks are successful, and why some people are more susceptible to them than others. To …
Why people keep falling for phishing scams: The effects of time pressure and deception cues on the detection of phishing emails
Lack of personalisation and poor mechanics (eg, grammar, spelling and punctuation) are
commonly cited as cues of deception that people can use to identify phishing emails …
commonly cited as cues of deception that people can use to identify phishing emails …
Breaching the human firewall: Social engineering in phishing and spear-phishing emails
M Butavicius, K Parsons, M Pattinson… - arXiv preprint arXiv …, 2016 - arxiv.org
We examined the influence of three social engineering strategies on users' judgments of
how safe it is to click on a link in an email. The three strategies examined were authority …
how safe it is to click on a link in an email. The three strategies examined were authority …