School of Phish: A Real-World Evaluation of Anti-Phishing Training

Free registration required

Executive Summary

PhishGuru is an embedded training system that teaches users to avoid falling for phishing attacks by delivering a training message when the user clicks on the URL in a simulated phishing email. In previous lab and real-world experiments, the authors validated the effectiveness of this approach. Here, they extend their previous work with a 515-participant, real-world study in which they focus on long-term retention and the effect of two training messages. They also investigate demographic factors that influence training and general phishing susceptibility.

  • Format: PDF
  • Size: 2068.48 KB