PHISHER CRUSH: A Mobile Persuasive Game for Promoting Online Security

Phishing has become a major security threat in this Internet age. Dubious computer geeks and malicious hackers tend to make use of this mode of cyberattack due to the ability of phishes to deceive unsuspecting users without being prevented by various system security measures. The major reason why people fall for phishing attacks is that they are mostly unaware of how to detect them. This paper presents the design and implementation of a mobile persuasive game for promoting online security by teaching people how to detect and avoid phishing links. We also present the results and insights from the playability and persuasiveness evaluation of the game. The evaluators reported an overall high level of playability according to the Heuristic Evaluation for Playability (HEP). Above all, the results show that the game is highly persuasive, hence is expected to effectively motivate the desired behaviour of promoting online security. Based on our results, we provided some design consideration and insights from the evaluators’ comments.

[1]  Saunjoo L. Yoon,et al.  Enhancing self-management in children with sickle cell disease through playing a CD-ROM educational game: a pilot study. , 2007, Pediatric nursing.

[2]  Jakob Nielsen,et al.  Heuristic evaluation of user interfaces , 1990, CHI '90.

[3]  Lorrie Faith Cranor,et al.  Anti-Phishing Phil: the design and evaluation of a game that teaches people not to fall for phish , 2007, SOUPS '07.

[4]  Ming-Sui Lee,et al.  Opportunities for Persuasive Technology to Motivate Heavy Computer Users for Stretching Exercise , 2014, PERSUASIVE.

[5]  Rita Orji,et al.  STD PONG: A Personalized Persuasive Game for Risky Sexual Behaviour Change in Africa , 2018, PPT@PERSUASIVE.

[6]  Rita Orji,et al.  STD Pong: changing risky sexual behaviour in Africa through persuasive games , 2018, AfriCHI.

[7]  Julita Vassileva,et al.  LunchTime: a slow-casual game for long-term dietary behavior change , 2013, Personal and Ubiquitous Computing.

[8]  Weider D. Yu,et al.  A phishing vulnerability analysis of web based systems , 2008, 2008 IEEE Symposium on Computers and Communications.

[9]  Shlomo Berkovsky,et al.  Phish Phinder: A Game Design Approach to Enhance User Confidence in Mitigating Phishing Attacks , 2017, HAISA.

[10]  Paul Egglestone,et al.  UKKO: Enriching Persuasive Location based Games with Environmental Sensor Data , 2015, CHI PLAY.

[11]  Lorrie Faith Cranor,et al.  School of phish: a real-world evaluation of anti-phishing training , 2009, SOUPS.

[12]  Markus Jakobsson,et al.  Social phishing , 2007, CACM.

[13]  Koji Tsukada,et al.  Sensing fork and persuasive game for improving eating behavior , 2013, UbiComp.

[14]  Heather Desurvire,et al.  Using heuristics to evaluate the playability of games , 2004, CHI EA '04.

[15]  Luca Chittaro,et al.  Turning the Classic Snake Mobile Game into a Location-Based Exergame that Encourages Walking , 2012, PERSUASIVE.

[16]  BJ Fogg,et al.  Creating persuasive technologies: an eight-step design process , 2009, Persuasive '09.

[17]  D. Lieberman,et al.  Educational video game for juvenile diabetes: results of a controlled trial. , 1997, Medical informatics = Medecine et informatique.

[18]  Harri Oinas-Kukkonen,et al.  Persuasive Systems Design: Key Issues, Process Model, and System Features , 2009, Commun. Assoc. Inf. Syst..