This article presents the development and assessment of Anti-Phishing Phil, a web-based game aimed at instilling safe online practices to protect users from phishing threats. The game was crafted following educational science guidelines and underwent several rounds of modifications. Its effectiveness was gauged through a user study where participants’ skills in spotting deceptive websites were tested before and after a 15-minute session of one of three anti-phishing training methods (engaging with the game, going through an anti-phishing guide we developed based on the game, or studying existing online training resources). The study revealed that those who interacted with the game showed a higher proficiency in recognizing deceptive websites compared to those who used other methods. We believe this improvement can be attributed to both the informative content of the game and its interactive nature. The findings affirm the potential of games as a powerful tool for educating individuals about phishing and other cyber threats.
Critical success factors for security education, training and awareness (SETA) programme effectiveness: an empirical comparison of practitioner perspectives
Cyber security has never been more important than it is today in an ever more connected and pervasive digital world....