Litcius/Paper detail

Content, Nudges and Incentives: A Study on the Effectiveness and Perception of Embedded Phishing Training

Daniele Lain, Tarek Jost, Siniša Matetić, Kari Kostiainen, Srđjan Čapkun

202412 citationsDOIOpen Access PDF

Abstract

A common form of phishing training in organizations is the use of simulated phishing emails to test employees' susceptibility to phishing attacks, and the immediate delivery of training material to those who fail the test. This widespread practice is dubbed embedded training; however, its effectiveness in decreasing the likelihood of employees falling for phishing again in the future is questioned by the contradictory findings of several recent field studies.

Topics & Concepts

PhishingIncentiveTest (biology)Nudge theoryPerceptionTraining (meteorology)Applied psychologyComputer scienceInternet privacyPsychologyComputer securitySocial psychologyWorld Wide WebThe InternetMeteorologyPaleontologyEconomicsNeuroscienceBiologyPhysicsMicroeconomicsSpam and Phishing DetectionNetwork Security and Intrusion DetectionCybercrime and Law Enforcement Studies
Content, Nudges and Incentives: A Study on the Effectiveness and Perception of Embedded Phishing Training | Litcius