TU Darmstadt / ULB / TUbiblio

NoPhish: Evaluation of a web application that teaches people being aware of phishing attacks

Kunz, Alexandra and Volkamer, Melanie and Stockhardt, Simon and Palberg, Sven and Lottermann, Tessa and Piegert, Eric (2016):
NoPhish: Evaluation of a web application that teaches people being aware of phishing attacks.
In: Jahrestagung der Gesellschaft für Informatik, Lecture Notes in Informatics (LNI), Bonn, Germany, [Conference or Workshop Item]

Abstract

Phishing has evolved to a serious cause of risk in our daily contact with the World Wide Web. Therefore, different extensions and plugins for web browsers were developed to detect phishing websites. To furthermore minimize the risk of falling for a phishing attack, the users themselves have to be educated. Therefore, the online game "NoPhish" has been developed, which explains the basics of phishing attacks and how to detect them efficiently. In the following study, the success rate of this online tool was measured. The goal was to determine which phishing strategies are effective in fooling users, which strategies can be practised well and which strategies are still effective in fooling users after having been taught by some educational material. The effectiveness of "NoPhish" in increasing users’ security awareness and the ability of detecting phishing URLs could be proven. Furthermore, it could be determined which types of phishing should be drawn special attention to in future development of phishing education material. 

Item Type: Conference or Workshop Item
Erschienen: 2016
Creators: Kunz, Alexandra and Volkamer, Melanie and Stockhardt, Simon and Palberg, Sven and Lottermann, Tessa and Piegert, Eric
Title: NoPhish: Evaluation of a web application that teaches people being aware of phishing attacks
Language: English
Abstract:

Phishing has evolved to a serious cause of risk in our daily contact with the World Wide Web. Therefore, different extensions and plugins for web browsers were developed to detect phishing websites. To furthermore minimize the risk of falling for a phishing attack, the users themselves have to be educated. Therefore, the online game "NoPhish" has been developed, which explains the basics of phishing attacks and how to detect them efficiently. In the following study, the success rate of this online tool was measured. The goal was to determine which phishing strategies are effective in fooling users, which strategies can be practised well and which strategies are still effective in fooling users after having been taught by some educational material. The effectiveness of "NoPhish" in increasing users’ security awareness and the ability of detecting phishing URLs could be proven. Furthermore, it could be determined which types of phishing should be drawn special attention to in future development of phishing education material. 

Title of Book: Jahrestagung der Gesellschaft für Informatik
Publisher: Lecture Notes in Informatics (LNI)
Uncontrolled Keywords: Security, Usability and Society;Secure Data
Divisions: 20 Department of Computer Science > SECUSO - Security, Usability and Society
LOEWE > LOEWE-Zentren > CASED – Center for Advanced Security Research Darmstadt
20 Department of Computer Science > Theoretical Computer Science - Cryptography and Computer Algebra
Profile Areas > Cybersecurity (CYSEC)
LOEWE > LOEWE-Zentren
20 Department of Computer Science
Profile Areas
LOEWE
Event Location: Bonn, Germany
Date Deposited: 28 Jul 2016 22:54
Identification Number: TUD-CS-2016-14675
Related URLs:
Export:

Optionen (nur für Redakteure)

View Item View Item