Don't click: towards an effective anti-phishing training. A comparative literature review
Email is of critical importance as a communication channel for both business and personal
matters. Unfortunately, it is also often exploited for phishing attacks. To defend against such …
matters. Unfortunately, it is also often exploited for phishing attacks. To defend against such …
SoK: a comprehensive reexamination of phishing research from the security perspective
Phishing and spear phishing are typical examples of masquerade attacks since trust is built
up through impersonation for the attack to succeed. Given the prevalence of these attacks …
up through impersonation for the attack to succeed. Given the prevalence of these attacks …
Why people keep falling for phishing scams: The effects of time pressure and deception cues on the detection of phishing emails
Lack of personalisation and poor mechanics (eg, grammar, spelling and punctuation) are
commonly cited as cues of deception that people can use to identify phishing emails …
commonly cited as cues of deception that people can use to identify phishing emails …
Cognition in social engineering empirical research: a systematic literature review
The interdisciplinarity of the Social Engineering (SE) domain creates crucial challenges for
the development and advancement of empirical SE research, making it particularly difficult to …
the development and advancement of empirical SE research, making it particularly difficult to …
Avoiding the hook: influential factors of phishing awareness training on click-rates and a data-driven approach to predict email difficulty perception
Phishing attacks are still seen as a significant threat to cyber security, and large parts of the
industry rely on anti-phishing simulations to minimize the risk imposed by such attacks. This …
industry rely on anti-phishing simulations to minimize the risk imposed by such attacks. This …
Checking, nudging or scoring? Evaluating e-mail user security tools
SY Zheng, I Becker - Nineteenth Symposium on Usable Privacy and …, 2023 - usenix.org
Phishing e-mail threats are increasing in sophistication. Technical measures alone do not
fully prevent users from falling for them and common e-mail interfaces provide little support …
fully prevent users from falling for them and common e-mail interfaces provide little support …
The role of cue utilization in the detection of phishing emails
This study was designed to examine the roles of cue utilization, phishing features and time
pressure in the detection of phishing emails. During two experiments, participants completed …
pressure in the detection of phishing emails. During two experiments, participants completed …
Presenting suspicious details in {User-Facing} e-mail headers does not improve phishing detection
S Zheng, I Becker - Eighteenth Symposium on Usable Privacy and …, 2022 - usenix.org
Phishing requires humans to fall for impersonated sources. Sender authenticity can often be
inferred from e-mail header information commonly displayed by e-mail clients, such as …
inferred from e-mail header information commonly displayed by e-mail clients, such as …
Categorizing human phishing difficulty: a Phish Scale
M Steves, K Greene, M Theofanos - Journal of Cybersecurity, 2020 - academic.oup.com
As organizations continue to invest in phishing awareness training programs, many chief
information security officers (CISOs) are concerned when their training exercise click rates …
information security officers (CISOs) are concerned when their training exercise click rates …
SoK: Human-centered phishing susceptibility
Phishing is recognized as a serious threat to organizations and individuals. While there
have been significant technical advances in blocking phishing attacks, end-users remain the …
have been significant technical advances in blocking phishing attacks, end-users remain the …