Multimedia Learning
Proceedings of the 11th USENIX Security Symposium
What Video Games Have to Teach Us About Learning and Literacy
What Video Games Have to Teach Us About Learning and Literacy
The battle against phishing: Dynamic Security Skins
SOUPS '05 Proceedings of the 2005 symposium on Usable privacy and security
Phishing Exposed
Proceedings of the SIGCHI Conference on Human Factors in Computing Systems
Do security toolbars actually prevent phishing attacks?
Proceedings of the SIGCHI Conference on Human Factors in Computing Systems
Passpet: convenient password management and phishing protection
SOUPS '06 Proceedings of the second symposium on Usable privacy and security
Decision strategies and susceptibility to phishing
SOUPS '06 Proceedings of the second symposium on Usable privacy and security
Web wallet: preventing phishing attacks by revealing user intentions
SOUPS '06 Proceedings of the second symposium on Usable privacy and security
We learn better together: enhancing eLearning with emotional characters
CSCL '05 Proceedings of th 2005 conference on Computer support for collaborative learning: learning 2005: the next 10 years!
Phishing and Countermeasures: Understanding the Increasing Problem of Electronic Identity Theft
Phishing and Countermeasures: Understanding the Increasing Problem of Electronic Identity Theft
Engaging Learning: Designing e-Learning Simulation Games (Pfeiffer Essential Resources for Training and HR Professionals (Hardcover))
Protecting people from phishing: the design and evaluation of an embedded training email system
Proceedings of the SIGCHI Conference on Human Factors in Computing Systems
Cantina: a content-based approach to detecting phishing web sites
Proceedings of the 16th international conference on World Wide Web
Communications of the ACM
Fighting phishing at the user interface
Fighting phishing at the user interface
Behavioral response to phishing risk
Proceedings of the anti-phishing working groups 2nd annual eCrime researchers summit
Getting users to pay attention to anti-phishing education: evaluation of retention and transfer
Proceedings of the anti-phishing working groups 2nd annual eCrime researchers summit
Measuring trust in wi-fi hotspots
Proceedings of the SIGCHI Conference on Human Factors in Computing Systems
You've been warned: an empirical study of the effectiveness of web browser phishing warnings
Proceedings of the SIGCHI Conference on Human Factors in Computing Systems
A framework for reasoning about the human in the loop
UPSEC'08 Proceedings of the 1st Conference on Usability, Psychology, and Security
E-Mail Classification for Phishing Defense
ECIR '09 Proceedings of the 31th European Conference on IR Research on Advances in Information Retrieval
School of phish: a real-world evaluation of anti-phishing training
Proceedings of the 5th Symposium on Usable Privacy and Security
Pure e-learning course in information security
Proceedings of the 2nd international conference on Security of information and networks
Using reinforcement to strengthen users' secure behaviors
Proceedings of the SIGCHI Conference on Human Factors in Computing Systems
Proceedings of the SIGCHI Conference on Human Factors in Computing Systems
BogusBiter: A transparent protection against phishing attacks
ACM Transactions on Internet Technology (TOIT)
Teaching Johnny not to fall for phish
ACM Transactions on Internet Technology (TOIT)
Malicious interface design: exploiting the user
Proceedings of the 19th international conference on World wide web
It won't happen to me: Promoting secure behaviour among internet users
Computers in Human Behavior
The Wi-Fi privacy ticker: improving awareness & control of personal information exposure on Wi-Fi
Proceedings of the 12th ACM international conference on Ubiquitous computing
ESORICS'10 Proceedings of the 15th European conference on Research in computer security
Sweetening the medicine: educating users about information security by means of game play
SAICSIT '10 Proceedings of the 2010 Annual Research Conference of the South African Institute of Computer Scientists and Information Technologists
Lexical URL analysis for discriminating phishing and legitimate websites
Proceedings of the 8th Annual Collaboration, Electronic messaging, Anti-Abuse and Spam Conference
Proceedings of the 8th Annual Collaboration, Electronic messaging, Anti-Abuse and Spam Conference
Communications of the ACM
Journal of Management Information Systems
Using data type based security alert dialogs to raise online security awareness
Proceedings of the Seventh Symposium on Usable Privacy and Security
Proceedings of the Seventh Symposium on Usable Privacy and Security
Using automated individual white-list to protect web digital identities
Expert Systems with Applications: An International Journal
Measuring user confidence in smartphone security and privacy
Proceedings of the Eighth Symposium on Usable Privacy and Security
Risk communication design: video vs. text
PETS'12 Proceedings of the 12th international conference on Privacy Enhancing Technologies
Learning from early attempts to measure information security performance
CSET'12 Proceedings of the 5th USENIX conference on Cyber Security Experimentation and Test
CodeShield: towards personalized application whitelisting
Proceedings of the 28th Annual Computer Security Applications Conference
Preventing the revealing of online passwords to inappropriate websites with logininspector
lisa'12 Proceedings of the 26th international conference on Large Installation System Administration: strategies, tools, and techniques
A game design framework for avoiding phishing attacks
Computers in Human Behavior
Pirates of the search results page
Proceedings of the SIGCHI Conference on Human Factors in Computing Systems
Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security
International Journal of Human-Computer Studies
Hi-index | 0.02 |
In this paper we describe the design and evaluation of Anti-Phishing Phil, an online game that teaches users good habits to help them avoid phishing attacks. We used learning science principles to design and iteratively refine the game. We evaluated the game through a user study: participants were tested on their ability to identify fraudulent web sites before and after spending 15 minutes engaged in one of three anti-phishing training activities (playing the game, reading an anti-phishing tutorial we created based on the game, or reading existing online training materials). We found that the participants who played the game were better able to identify fraudulent web sites compared to the participants in other conditions. We attribute these effects to both the content of the training messages presented in the game as well as the presentation of these materials in an interactive game format. Our results confirm that games can be an effective way of educating people about phishing and other security attacks.