Research Library

Participants in online social networking sites (OSNs) such as MySpace and Facebook (among hundreds of others) revel in the freedom and communion facilitated by the burgeoning social Internet. They often express offense or a feeling of intrusion when their online...

Given the increased focus on the need for usable security, it is now to be hoped that the issue will receive greater attention in new software releases. Unfortunately, however, there is still evidence to suggest that usable security receives insufficient consideration...

Humans are "smart components" in a system, but cannot be directly programmed to perform; rather, their autonomy must be respected as a design constraint and incentives provided to induce desired behavior. Sometimes these incentives are properly aligned, and the humans...

In this paper we describe the design and evaluation of Anti-Phishing Phil, an online game that teaches users good habits to help them avoid phishing attacks. We used learning science principles to design and iteratively refine the game. We evaluated the game through a...

We discuss the importance of understanding psychological aspects of phishing, and review some recent findings. Given these findings, we critique some commonly used security practices and suggest and review alternatives, including educational approaches. We suggest a...

This study aimed to reveal a baseline level of phishing success, finding a success rate of 16% when phishing emails were sent from unknown senders, rising to a full 72% when phishing emails appeared to be from known senders.    

Personal Internet users are increasingly finding themselves exposed to security threats during their use of home PC systems. However, concern can be raised about users’ awareness of these problems, and the extent to which they are consequently protected and equipped...

Dr Steven Furnell at Plymouth University has conducted research, which looks at why some computer users still can't tell the difference between an official email and a phishing scam. Steven Furnell looks at the increasing sophistication of phishing emails and examines...

Fear appeals have long been used in persuasive messages to motivate people to perform adaptive behaviors. This research explored the influence of a fear appeal message concerning breast cancer on attitude accessibility. Messages advocating the efficacy of breast...

Although many of the concepts included in cyber security awareness training are universal, such training often must be tailored to address the policies and requirements of a particular organization. In addition, many forms of training fail because they are rote and do...