An Evaluation of Users' Anti-Phishing Knowledge Retention

Phishing scams have become a problem for online banking and e-commerce users. There are different proposed anti-Phishing approaches that make users aware of Phishing emails and websites. This paper evaluates the anti-Phishing knowledge retention for users. It compares the retention of the users' of a novel anti-Phishing approach previously proposed with the retention of the users of the approach of sending anti-Phishing tips by email. Two phases of user experiments were carried out to evaluate the research hypotheses on the retention of the anti-Phishing knowledge.

[1]  G. G. Stokes "J." , 1890, The New Yale Book of Quotations.

[2]  H. Simon,et al.  Situated Learning and Education1 , 1996 .

[3]  Andrew Large,et al.  Computer animation in an instructional environment , 1996 .

[4]  Christina Stothard,et al.  Skill Acquisition and Retention in Training: DSTO Support to the Army Ammunition Study , 2001 .

[5]  Bradford S. Bell,et al.  2. Developing adaptability: A theory for the design of integrated-embedded training systems , 2001 .

[6]  Lorrie Faith Cranor,et al.  Decision strategies and susceptibility to phishing , 2006, SOUPS '06.

[7]  Shambhu J. Upadhyaya,et al.  PHONEY: mimicking user response to detect phishing attacks , 2006, 2006 International Symposium on a World of Wireless, Mobile and Multimedia Networks(WoWMoM'06).

[8]  Lorrie Faith Cranor,et al.  Behavioral response to phishing risk , 2007, eCrime '07.

[9]  Lorrie Faith Cranor,et al.  Protecting people from phishing: the design and evaluation of an embedded training email system , 2007, CHI.

[10]  Lorrie Faith Cranor,et al.  Getting users to pay attention to anti-phishing education: evaluation of retention and transfer , 2007, eCrime '07.

[11]  Malcolm Munro,et al.  An evaluation of users’ tips effectiveness for Phishing websites detection , 2008, 2008 Third International Conference on Digital Information Management.

[12]  Malcolm Munro,et al.  An Anti-Phishing Approach that Uses Training Intervention for Phishing Websites Detection , 2009, 2009 Sixth International Conference on Information Technology: New Generations.