University of Twente Student Theses

Login

PHREE of Phish : The Effect of Anti-Phishing Training on the Ability of Users to Identify Phishing Emails

Pars, Cas (2017) PHREE of Phish : The Effect of Anti-Phishing Training on the Ability of Users to Identify Phishing Emails.

[img]
Preview
PDF
2MB
Abstract:The aim of this thesis was to develop and test a new anti-phishing training based on what has been learned from previous research. According to relevant literature an effective anti-phishing training has a repetitive, game-based, embedded design in which text is kept simple and short by using a cartoon format. The content of an effective training contains cues to identify phishing emails and phishing URLs, and a solution for uncertain situations. Based on these characteristics ‘PHREE’, a new anti-phishing training, was developed and tested in a pilot experiment with 36 participants randomly divided over a control group (no training) and an experimental group (PHREE). Results indicate that PHREE training improved the ability of users to identify emails (as phishing or legitimate), from 68% correct before training to 86% correct after training. Training especially enhanced the ability of users to recognize phishing emails, from 52% correct before training to 92% correct after training. Users retained this ability for at least one week and trained users performed significantly better than untrained users. Overall these results strongly support the use of PHREE as a human-oriented solution for phishing. Future research is needed to determine the effect of PHREE in a real-world (corporate) setting.
Item Type:Essay (Master)
Faculty:BMS: Behavioural, Management and Social Sciences
Subject:54 computer science, 81 education, teaching
Programme:Business Administration MSc (60644)
Link to this item:http://purl.utwente.nl/essays/73050
Export this item as:BibTeX
EndNote
HTML Citation
Reference Manager

 

Repository Staff Only: item control page