Phishing for phishing awareness

Behaviour and Information Technology

Volumn 32, Issue 6, 2013, Pages 584-593

  Jansson, K ^a   Von Solms, R ^a  

^a NELSON MANDELA METROPOLITAN UNIVERSITY   (South Africa)

Author keywords

information security; phishing; social engineering

Indexed keywords

CYBERSPACES; ORGANISATIONAL; PHISHING; PHISHING ATTACKS; SOCIAL ENGINEERING; SOUTH AFRICA;

SECURITY OF DATA;

COMPUTER CRIME;

EID: 84879341574     PISSN: 0144929X     EISSN: 13623001     Source Type: Journal    
DOI: 10.1080/0144929X.2011.632650     Document Type: Article

References (21)

1. Aaron, G., 2010. The state of phishing. Computer Fraud & Security, 2010 (6), 5-8
2. Aburrous, M., et al., 2010 Intelligent phishing detection system for e-banking using fuzzy data mining. Expert systems with applications, 37 (12), 7913
3. Dodge, J., Carver, C., and Ferguson, A.J., 2007. Phishing for user security awareness. Computers & Security, 26 (1), 73-80
4. Ferguson, A.J., 2005 Fostering e-mail security awareness: The West Point Carronade. EDUCAUSE Quarterly, 28 (1), 54-57
5. Gordon, J.A and Pawlowski, J., 2002. Education ondemand: the development of a simulator-based medical education service. Academic Medicine, 77 (7). Available from: http://journals.lww.com/academicmedicine/Fulltext/2002/07000/ Education-On-demand-The-Development-of-a.42.aspx [Accessed 4 November 2011]
6. Hasle, H., et al., 2005. Measuring resistance to social engineering. In: Information security practice and experience: first international conference, ISPEC 2005, 11-14 April 2005, Singapore Berlin: Springer-Verlag, 132-143
7. Jagatic, T.N., et al., 2007. Social phishing. Communications of the ACM, 50, 94-100
8. Jakobsson, M., Finn, P., and Johnson, N., 2008. Why and how to perform fraud experiments. Security & Privacy, IEEE, 6 (2), 66-68
9. Jakobsson, M., and Ratkiewicz, J., 2006. Designing ethical phishing experiments: a study of (ROT13) rOnl query features. In: Proceedings of the 15th international conference on world wide web, 23-26 May 2006, Edinburgh, Scotland New York: ACM Press, 513-522
10. Jansson, K. and von Solms, R., 2010. Social engineering: towards a holistic solution. In: Proceedings of the South African information security multi-conference (SAISMC 2010). South African Information Security Multi-Conference, 17-18 May 2010, Port Elizabeth Plymouth: Plymouth University
11. Kumaraguru, P., et al., 2009. School of phish: a real-world evaluation of anti-phishing training. In: Proceedings of the 5th symposium on usable privacy and security SOUPS '09. New York: ACM, 3:1-3:12
12. Kumaraguru, P., et al., 2010. Teaching Johnny not to fall for phish. ACM Transactions on Internet Technology (TOIT), 10 (2), 7
13. Mann, I., 2008. Hacking the human: social engineering techniques and security countermeasures. Aldershot, UK: Gower Publishing, Ltd. Oxford English Dictionary, 2009. Oxford English dictionary [online]. Available from: http://dictionary.oed.com/cgi/entry/00323586/00323586se1?single-1&query- type-word &queryword-Neurolinguisticprogramming&first-1& max-to-show-10&hilite-00323586se1 [Accessed 1 November 2011]
14. Shahriar, H. and Zulkernine, M., in press. Trustworthiness testing of phishing websites: a behavior model-based approach. Future Generation Computer Systems. Available from: http://www.sciencedirect.com/science/article/B6V06- 5265S47-1/2/71cf3b73da4bff9605cf1733114e0bb6 [Accessed 4 November 2011]
15. Sheng, S., et al., 2007. Anti-phishing phil: the design and evaluation of a game that teaches people not to fall for phish. In: Proceedings of the 3rd symposium on usable privacy and security, 18-20 July 2007, Pittsburgh. 88-99
16. Srikwan, S. and Jakobsson, M., 2008. Using cartoons to teach internet security. Cryptologia, 32 (2), 137-154
17. Steyn, T., Kruger, H., and Drevin, L., 2007. Identity theft-empirical evidence from a phishing exercise In: H. Venter, M. Eloff, L. Labuschagne, J. Eloff, and R. Von Solms, eds. New approaches for security, privacy and trust in complex environments. IFIP International Federation for Information Processing. Boston: Springer, 193-203
18. Symantec, 2010a. Symantec intelligence quarterly: global report (July-September 2010) [online] Symantec Corporation. Available from: http://www.symantec.com/content/en/us/enterprise/white-papers/ b-symc-intelligence-qtrly-july-to-sept-WP-21157366.en-us.pdf [Accessed 16 February 2011]
19. Symantec, 2010b. Symantec report shows no slowdown in cyber attacks. Symantec [online]. Available from: http://www.symantec.com/business/resources/ articles/article. jsp?aid-20100527-report-shows-no-slowdown-in-cyber-attacks [Accessed 31 August 2010]
20. Twitchell, D., 2009. Social engineering and its countermeasures. In: M. Gupta and R. Sharman, eds. Handbook of research on social and organizational liabilities in information security. Hershey, PA: IGI Global, 228-242
21. Wash, R., 2010. Folk models of home computer security. Symposium on usable privacy and security (SOUPS). New York: ACM, 16.