Litcius/Paper detail

Simulated Phishing Attack and Embedded Training Campaign

William Yeoh, He Huang, Wang-Sheng Lee, Fadi Al Jafari, Rachel Mansson

2021Journal of Computer Information Systems42 citationsDOIOpen Access PDF

Abstract

Phishing attacks are costly for both organizations and individuals, yet existing academic research has provided little guidance on how to strategize and implement a combined phishing awareness and training campaign. Drawing on operant conditioning theory, we conduct an in-depth case study on a large phishing awareness campaign and reveal that phishing awareness is a learning process through which individuals’ behavior can be strengthened by reinforcement and punishment. Based on the case study findings, we present several propositions for cybersecurity stakeholders. This study contributes to the phishing awareness literature and has implications for research and practice. This paper is useful for organizations planning or in the process of implementing or reviewing a phishing awareness and education program.

Topics & Concepts

PhishingPunishment (psychology)Process (computing)Internet privacyComputer securityPsychologyComputer scienceThe InternetSocial psychologyWorld Wide WebOperating systemSpam and Phishing DetectionInformation and Cyber SecurityCybercrime and Law Enforcement Studies
Simulated Phishing Attack and Embedded Training Campaign | Litcius