Abstract
Organizations rely on phishing interventions to enhance employees' vigilance and safe responses to phishing emails that bypass technical solutions. While various resources are available to counteract phishing, studies emphasize the need for interactive and practical training approaches. To investigate the effectiveness of such an approach, we developed and delivered two anti-phishing trainings, group discussion and role-playing, at a European university. We conducted a pre-registered1 experiment (N = 105), incorporating repeated measures at three time points, a control group, and three in-situ phishing tests. Both trainings enhanced employees' antiphishing self-efficacy and support-seeking intention in within-group analyses. Only the role-playing training significantly improved support-seeking intention when compared to the control group.
Original language | English |
---|---|
Title of host publication | CHI 2024 - Proceedings of the 2024 CHI Conference on Human Factors in Computing Systems |
Publisher | ACM |
ISBN (Electronic) | 9798400703300 |
DOIs | |
Publication status | Published - 2024 |
MoE publication type | A4 Conference publication |
Event | ACM SIGCHI Annual Conference on Human Factors in Computing Systems - Honolulu, USA, Honolulu, United States Duration: 11 May 2024 → 16 May 2024 https://chi2024.acm.org/ |
Conference
Conference | ACM SIGCHI Annual Conference on Human Factors in Computing Systems |
---|---|
Abbreviated title | ACM CHI |
Country/Territory | United States |
City | Honolulu |
Period | 11/05/2024 → 16/05/2024 |
Internet address |
Keywords
- Anti-phishing training
- Group discussion
- Mixed-design experiment
- Phishing intervention
- Report phishing emails
- Role-playing training
- Self-efficacy
- Support-seeking