Please use this identifier to cite or link to this item:
https://doi.org/10.21256/zhaw-20346| Publication type: | Article in scientific journal |
| Type of review: | Peer review (publication) |
| Title: | Don’t click : towards an effective anti-phishing training. A comparative literature review |
| Authors: | Jampen, Daniel Gür, Gürkan Sutter, Thomas Tellenbach, Bernhard |
| et. al: | No |
| DOI: | 10.1186/s13673-020-00237-7 10.21256/zhaw-20346 |
| Published in: | Human-centric Computing and Information Sciences |
| Volume(Issue): | 10 |
| Issue: | 33 |
| Issue Date: | 9-Aug-2020 |
| Publisher / Ed. Institution: | Springer |
| ISSN: | 2192-1962 |
| Language: | English |
| Subjects: | Phishing; Phishing countermeasure; Anti-phishing training; Security awareness; Security training tool; Machine learning |
| Subject (DDC): | 658.4: Executive Management |
| Abstract: | Email is of critical importance as a communication channel for both business and personal matters. Unfortunately, it is also often exploited for phishing attacks. To defend against such threats, many organizations have begun to provide anti-phishing training programs to their employees. A central question in the development of such programs is how they can be designed sustainably and effectively to minimize the vulnerability of employees to phishing attacks. In this paper, we survey and categorize works that consider different elements of such programs via a clearly laid-out methodology, and identify key findings in the technical literature. Overall, we find that researchers agree on the answers to many relevant questions regarding the utility and effectiveness of anti-phishing training. However, we identified influencing factors, such as the impact of age on the success of anti-phishing training programs, for which mixed findings are available. Finally, based on our comprehensive analysis, we describe how a well-founded anti-phishing training program should be designed and parameterized with a set of proposed research directions. |
| URI: | https://digitalcollection.zhaw.ch/handle/11475/20346 |
| Fulltext version: | Published version |
| License (according to publishing contract): | CC BY 4.0: Attribution 4.0 International |
| Departement: | School of Engineering |
| Organisational Unit: | Institute of Computer Science (InIT) |
| Published as part of the ZHAW project: | OptiPhish – Effective and Measurable Phishing Awareness Training |
| Appears in collections: | Publikationen School of Engineering |
Files in This Item:
| File | Description | Size | Format | |
|---|---|---|---|---|
| 2020_Jampen-etal_Effective-anti-phishing-training-literature-review.pdf | 2.93 MB | Adobe PDF |  View/Open |
Show full item record
Jampen, D., Gür, G., Sutter, T., & Tellenbach, B. (2020). Don’t click : towards an effective anti-phishing training. A comparative literature review. Human-Centric Computing and Information Sciences, 10(33). https://doi.org/10.1186/s13673-020-00237-7
Jampen, D. et al. (2020) ‘Don’t click : towards an effective anti-phishing training. A comparative literature review’, Human-centric Computing and Information Sciences, 10(33). Available at: https://doi.org/10.1186/s13673-020-00237-7.
D. Jampen, G. Gür, T. Sutter, and B. Tellenbach, “Don’t click : towards an effective anti-phishing training. A comparative literature review,” Human-centric Computing and Information Sciences, vol. 10, no. 33, Aug. 2020, doi: 10.1186/s13673-020-00237-7.
JAMPEN, Daniel, Gürkan GÜR, Thomas SUTTER und Bernhard TELLENBACH, 2020. Don’t click : towards an effective anti-phishing training. A comparative literature review. Human-centric Computing and Information Sciences. 9 August 2020. Bd. 10, Nr. 33. DOI 10.1186/s13673-020-00237-7
Jampen, Daniel, Gürkan Gür, Thomas Sutter, and Bernhard Tellenbach. 2020. “Don’t Click : Towards an Effective Anti-Phishing Training. A Comparative Literature Review.” Human-Centric Computing and Information Sciences 10 (33). https://doi.org/10.1186/s13673-020-00237-7.
Jampen, Daniel, et al. “Don’t Click : Towards an Effective Anti-Phishing Training. A Comparative Literature Review.” Human-Centric Computing and Information Sciences, vol. 10, no. 33, Aug. 2020, https://doi.org/10.1186/s13673-020-00237-7.
Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.