This study designed, developed, and empirically tested a Pause and Think (PAT) mobile app that presented a user with a warning dialog and either a countdown or count-up timer whenever an email with a link was opened. The user was not able to interact with the email until the timer expired. The main goal of this research study was to determine whether requiring e-mail users to pause and wait for a colored warning with a timer when they are presented with a potentially malicious link has any effect on the percentage of falling to phishing attempts. The experimental field study was completed in three phases in which 42 subject matter experts and 107 participants took part. The results indicated that a countdown timer set at three seconds accompanied by red warning text was most effective (p<0.001) on the user’s ability to avoid clicking on a malicious link or attachment. Recommendations for future research include enhancements to the PAT mobile app and investigating what effect the time of day has on susceptibility to phishing
Research on the effectiveness of cyber security awareness in ICS Risk Assessment Frameworks
Assessing security awareness among users is essential for protecting industrial control systems (ICSs) from social...