[1] Sheng S., Holbrook M., Kumaraguru P., Cranor L.F., Downs J., 2010. Who falls for phish?: a demographic analysis of phishing susceptibility and effectiveness of interventions. In
Proceedings of the 28th international conference on Human factors in computing systems (CHI '10). ACM, New York, NY, USA, 373-382
Available: http://lorrie.cranor.org/pubs/pap1162-sheng.pdf
This paper talks about a roleplay survey study using MTurk to determine who falls to phishing attacks based on a variety of factors, including gender, age, technical knowledge, risk perception, prior exposure to anti-phishing training, and more. Also researchers test the effectiveness of certain anti-phishing educational materials.
It was interesting to see who is more likely to get fooled by a phisher. I had not really heard of the anti-phishing training types, so it was interesting to see them studied for effectiveness.
Proceedings of the 28th international conference on Human factors in computing systems (CHI '10). ACM, New York, NY, USA, 373-382
Available: http://lorrie.cranor.org/pubs/pap1162-sheng.pdf
This paper talks about a roleplay survey study using MTurk to determine who falls to phishing attacks based on a variety of factors, including gender, age, technical knowledge, risk perception, prior exposure to anti-phishing training, and more. Also researchers test the effectiveness of certain anti-phishing educational materials.
It was interesting to see who is more likely to get fooled by a phisher. I had not really heard of the anti-phishing training types, so it was interesting to see them studied for effectiveness.