An investigation of phishing awareness and education over time: When - - PowerPoint PPT Presentation

▶

Jan 24, 2023 103 likes •177 views

An investigation of phishing awareness and education over time: When and how to best remind users? Benjamin Reinheimer, Lukas Aldag, Peter Mayer, Mattia Mossano, Reyhan Duezguen, Bettina Lofthouse, Tatiana von Landesberger, Melanie Volkamer

SLIDE 1

COMPETENCE CENTER FOR APPLIED SECURITY TECHNOLOGY (KASTEL) RESEARCH GROUP SECURITY • USABILITY • SOCIETY (SECUSO)

www.kit.edu

KIT – The Research University in the Helmholtz Association

An investigation of phishing awareness and education

ver time: When and how to best remind users?

Benjamin Reinheimer, Lukas Aldag, Peter Mayer, Mattia Mossano, Reyhan Duezguen, Bettina Lofthouse, Tatiana von Landesberger, Melanie Volkamer

Feel free to add picture here

SLIDE 2

SOUPS 2020, Benjamin Reinheimer Research Group Security • Usability • Society (SECUSO)

Contribution

21/07/2020

Systematically measure retention Longitudinal field-study Reminder measures 1. 2. 3. 4.

SLIDE 3

SOUPS 2020, Benjamin Reinheimer Research Group Security • Usability • Society (SECUSO)

About the setting

21/07/2020

2,200 employees Optional participation in the study: 409 participants State Office for Geoinformation and State Survey (SOGSS) Mandatory tutorial on phishing using a train-the-trainer approach

Canova/Volkamer/Bergmann/Reinheimer: NoPhish app evaluation: lab and retention study. In USEC 2015 Neumann/Reinheimer/Volkamer: Don’t be deceived: the message might be fake. In TrutBus2017 Stockhardt/ Reinheimer/Volkamer/Mayer/Kunz/Rack/Lehmann: Teaching phishing-security: which way is best?. In IFIP Sec 2016 …

SLIDE 4

SOUPS 2020, Benjamin Reinheimer Research Group Security • Usability • Society (SECUSO)

Four Reminder Measures

… (there is even more text)

Text Video Short-Text Same content

21/07/2020

Interactive Email

SLIDE 5

SOUPS 2020, Benjamin Reinheimer Research Group Security • Usability • Society (SECUSO)

Study Design and Results

21/07/2020

Study details for role play Judge 20 email screenshots in random order Control Questions & Thanks

SLIDE 6

SOUPS 2020, Benjamin Reinheimer Research Group Security • Usability • Society (SECUSO)

Summary

21/07/2020

Systematically measure retention

Thanks for listening and thanks to my co-authors For further questions feel free to contact me via Benjamin.Reinheimer@kit.edu https://s.kit.edu/soups2020

An investigation of phishing awareness and education over time: When - - PowerPoint PPT Presentation

An investigation of phishing awareness and education

Benjamin Reinheimer, Lukas Aldag, Peter Mayer, Mattia Mossano, Reyhan Duezguen, Bettina Lofthouse, Tatiana von Landesberger, Melanie Volkamer

Feel free to add picture here

Contribution

Systematically measure retention Longitudinal field-study Reminder measures 1. 2. 3. 4.

About the setting

2,200 employees Optional participation in the study: 409 participants State Office for Geoinformation and State Survey (SOGSS) Mandatory tutorial on phishing using a train-the-trainer approach

Four Reminder Measures

Text Video Short-Text Same content

Interactive Email

Study Design and Results

Summary

Systematically measure retention

Reminder measures

Video and Interactive Email example most effective Reminder necessary between 4 and 6 months

409 out of 2,200 employees

Longitudinal field-study