IDEAS home Printed from https://ideas.repec.org/a/gam/jftint/v14y2022i4p104-d779616.html
   My bibliography  Save this article

Evaluation of Contextual and Game-Based Training for Phishing Detection

Author

Listed:
  • Joakim Kävrestad

    (School of Informatics, University of Skövde, 541 28 Skövde, Sweden)

  • Allex Hagberg

    (Xenolith AB, 541 34 Skövde, Sweden)

  • Marcus Nohlberg

    (School of Informatics, University of Skövde, 541 28 Skövde, Sweden)

  • Jana Rambusch

    (School of Informatics, University of Skövde, 541 28 Skövde, Sweden)

  • Robert Roos

    (Xenolith AB, 541 34 Skövde, Sweden)

  • Steven Furnell

    (School of Computer Science, University of Nottingham, Nottingham NG7 2RD, UK)

Abstract

Cybersecurity is a pressing matter, and a lot of the responsibility for cybersecurity is put on the individual user. The individual user is expected to engage in secure behavior by selecting good passwords, identifying malicious emails, and more. Typical support for users comes from Information Security Awareness Training (ISAT), which makes the effectiveness of ISAT a key cybersecurity issue. This paper presents an evaluation of how two promising methods for ISAT support users in acheiving secure behavior using a simulated experiment with 41 participants. The methods were game-based training, where users learn by playing a game, and Context-Based Micro-Training (CBMT), where users are presented with short information in a situation where the information is of direct relevance. Participants were asked to identify phishing emails while their behavior was monitored using eye-tracking technique. The research shows that both training methods can support users towards secure behavior and that CBMT does so to a higher degree than game-based training. The research further shows that most participants were susceptible to phishing, even after training, which suggests that training alone is insufficient to make users behave securely. Consequently, future research ideas, where training is combined with other support systems, are proposed.

Suggested Citation

  • Joakim Kävrestad & Allex Hagberg & Marcus Nohlberg & Jana Rambusch & Robert Roos & Steven Furnell, 2022. "Evaluation of Contextual and Game-Based Training for Phishing Detection," Future Internet, MDPI, vol. 14(4), pages 1-16, March.
    • Handle: RePEc:gam:jftint:v:14:y:2022:i:4:p:104-:d:779616
    as

    Download full text from publisher

    File URL: https://www.mdpi.com/1999-5903/14/4/104/pdf
    Download Restriction: no
    File URL: https://www.mdpi.com/1999-5903/14/4/104/
    Download Restriction: no
    ---><---

    References listed on IDEAS

    as
    1. Owusu-Agyei, Samuel & Okafor, Godwin & Chijoke-Mgbame, Aruoriwo Marian & Ohalehi, Paschal & Hasan, Fakhrul, 2020. "Internet adoption and financial development in sub-Saharan Africa," Technological Forecasting and Social Change, Elsevier, vol. 161(C).
    2. B. B. Gupta & Nalin A. G. Arachchilage & Kostas E. Psannis, 2018. "Defending against phishing attacks: taxonomy of methods, current issues and future directions," Telecommunication Systems: Modelling, Analysis, Design and Management, Springer, vol. 67(2), pages 247-267, February.
    3. Rana Alabdan, 2020. "Phishing Attacks Survey: Types, Vectors, and Technical Approaches," Future Internet, MDPI, vol. 12(10), pages 1-37, September.
    4. Thulani Mashiane & Elmarie Kritzinger, 2021. "Identifying Behavioral Constructs in Relation to User Cybersecurity Behavior," Eurasian Journal of Social Sciences, Eurasian Publications, vol. 9(2), pages 98-122.
    Full references (including those not matched with items on IDEAS)

    Most related items

    These are the items that most often cite the same works as this one and are cited by the same works as this one.
    1. Muhammad Waqas & Alishba Hania & Farzan Yahya & Iqra Malik, 2023. "Enhancing Cybersecurity: The Crucial Role of Self-Regulation, Information Processing, and Financial Knowledge in Combating Phishing Attacks," SAGE Open, , vol. 13(4), pages 21582440231, December.
    2. Njangang, Henri & Beleck, Alim & Tadadjeu, Sosson & Kamguia, Brice, 2022. "Do ICTs drive wealth inequality? Evidence from a dynamic panel analysis," Telecommunications Policy, Elsevier, vol. 46(2).
    3. Bahati Sanga & Meshach Aziakpono, 2022. "The impact of technological innovations on financial deepening: Implications for SME financing in Africa," African Development Review, African Development Bank, vol. 34(4), pages 429-442, December.
    4. Robert Karamagi, 2022. "A Review of Factors Affecting the Effectiveness of Phishing," Computer and Information Science, Canadian Center of Science and Education, vol. 15(1), pages 1-20, February.
    5. Wu, Yingjia & Cao, Nannan & Muda, Iskandar & Rady, Ahmed & Abduvaxitovna, Shamansurova Zilola, 2024. "Financial development and natural resource nexus: Evaluating the importance of mineral in BRICS economies," Resources Policy, Elsevier, vol. 89(C).
    6. Joël Cariolle & David A Carroll, 2020. "Advancing digital frontiers in African economies: lessons learned from firm-level innovations," Working Papers hal-03118738, HAL.
    7. Abdul Basit & Maham Zafar & Xuan Liu & Abdul Rehman Javed & Zunera Jalil & Kashif Kifayat, 2021. "A comprehensive survey of AI-enabled phishing attacks detection techniques," Telecommunication Systems: Modelling, Analysis, Design and Management, Springer, vol. 76(1), pages 139-154, January.
    8. Jaime A. Teixeira da Silva & Aceil Al-Khatib & Panagiotis Tsigaris, 2020. "Spam emails in academia: issues and costs," Scientometrics, Springer;Akadémiai Kiadó, vol. 122(2), pages 1171-1188, February.
    9. Sun, Chuanwang & Khan, Anwar & Xue, Juntao & Huang, Xiaoyong, 2024. "Are digital economy and financial structure driving renewable energy technology innovations: A major eight countries perspective," Applied Energy, Elsevier, vol. 362(C).
    10. Ravi Kashyap, 2023. "DeFi Security: Turning The Weakest Link Into The Strongest Attraction," Papers 2312.00033, arXiv.org.
    11. Chatterjee, Sheshadri & Chaudhuri, Ranjan & Thrassou, Alkis & Vrontis, Demetris, 2022. "Social network games (SNGs) addiction: Psychological dimensions and impacts on life quality and society," Technological Forecasting and Social Change, Elsevier, vol. 177(C).
    12. Jingyi Wang & Qingning Lin & Xuebiao Zhang, 2023. "How Does Digital Economy Promote Agricultural Development? Evidence from Sub-Saharan Africa," Agriculture, MDPI, vol. 14(1), pages 1-19, December.
    13. Dhahri, Sabrine & Omri, Anis & Mirza, Nawazish, 2024. "Information technology and financial development for achieving sustainable development goals," Research in International Business and Finance, Elsevier, vol. 67(PA).
    14. Jimmy Moedjahedy & Arief Setyanto & Fawaz Khaled Alarfaj & Mohammed Alreshoodi, 2022. "CCrFS: Combine Correlation Features Selection for Detecting Phishing Websites Using Machine Learning," Future Internet, MDPI, vol. 14(8), pages 1-18, July.
    15. Henri Njangang & Alim Beleck & Sosson Tadadjeu & Brice Kamguia, 2021. "Do ICTs drive wealth inequality? Evidence from a dynamic panel analysis," Working Papers 21/057, European Xtramile Centre of African Studies (EXCAS).
    16. Oyebola Etudaiye-Muhtar, Fatima & Johan, Sofia & Lawal, Rodiat & Sakariyahu, Rilwan, 2024. "Fintech, human development and energy poverty in sub-Saharan Africa," Journal of International Financial Markets, Institutions and Money, Elsevier, vol. 91(C).
    17. Mougnol A Ekoula, Hervé William & Kamguia, Brice & Ndoya, Hermann, 2023. "Do women hold the key to financial sector development in Africa?," International Economics, Elsevier, vol. 173(C), pages 233-248.
    18. Luo, Yusen & Lu, Zhengnan & Wu, Chao, 2023. "Can internet development accelerate the green innovation efficiency convergence: Evidence from China," Technological Forecasting and Social Change, Elsevier, vol. 189(C).
    19. Nkoumou Ngoa, Gaston Brice & Song, Jacques Simon, 2021. "Female participation in African labor markets: The role of information and communication technologies," Telecommunications Policy, Elsevier, vol. 45(9).
    20. Mignamissi, Dieudonné & Djijo T., Audrey J., 2021. "Digital divide and financial development in Africa," Telecommunications Policy, Elsevier, vol. 45(9).

    Corrections

    All material on this site has been provided by the respective publishers and authors. You can help correct errors and omissions. When requesting a correction, please mention this item's handle: RePEc:gam:jftint:v:14:y:2022:i:4:p:104-:d:779616. See general information about how to correct material in RePEc.

    If you have authored this item and are not yet registered with RePEc, we encourage you to do it here. This allows to link your profile to this item. It also allows you to accept potential citations to this item that we are uncertain about.

    If CitEc recognized a bibliographic reference but did not link an item in RePEc to it, you can help with this form .

    If you know of missing items citing this one, you can help us creating those links by adding the relevant references in the same way as above, for each refering item. If you are a registered author of this item, you may also want to check the "citations" tab in your RePEc Author Service profile, as there may be some citations waiting for confirmation.

    For technical questions regarding this item, or to correct its authors, title, abstract, bibliographic or download information, contact: MDPI Indexing Manager (email available below). General contact details of provider: https://www.mdpi.com .

    Please note that corrections may take a couple of weeks to filter through the various RePEc services.

    IDEAS is a RePEc service. RePEc uses bibliographic data supplied by the respective publishers.