Rewind
All the content from last year’s PeepSec, Impact and flagship industry events
Cyber security awareness campaigns: Why do they fail to change behaviour?
The present paper focuses on Cyber Security Awareness Campaigns, and aims to identify key factors regarding security which may lead them to failing to appropriately change people’s behaviour. Past and current efforts to improve information-security practices and...
Cybersecurity risk management in small and medium-sized enterprises; A systematic review of recent evidence
Small and medium-sized enterprises (SMEs) have been encouraged to take advantage of any possible business opportunities by utilizing and adopting new technologies such as cloud computing services; there is a huge misunderstanding of their cyber threats from the...
Employees attitude towards cyber security and risky online behaviours: An empirical assessment in the United Kingdom
The present study aimed to explore if the size of company an individual works for, age or attitudes towards cyber security affected frequency to engage in risky online behaviours. A total of 515 participants aged between 18-84 in full or part-time employment were...
Rebooting IT security awareness – How organisations can encourage and sustain secure behaviours
Most organisations are using online security awareness training and simulated phishing attacks to encourage their employees to behave securely. Buying off-the-shelf training packages and making it mandatory for all employees to complete them is easy, and satisfies...
An ideal approach for detection and prevention of phishing attacks
Phishing is a treacherous attempt to embezzle personal information such as bank account details, credit card information, social security number, employment details, and online shopping account passwords and so on from internet users. Phishing, or stealing of...
Client-Side Counter Phishing Application Using Adaptive Neuro-Fuzzy Inference System
Phishing is an online scam which involves identity theft of unsuspecting users, by which an attacker steals the personal information of users, such as user ID or password. E-mails, instant messaging and web pages are used in carrying out such attacks, out of which...
2024 Predictions report
2024 security awareness predictions, views from the industry. No DeLorean needed. We've harnessed the collective wisdom of leading cybersecurity minds to create a comprehensive report, revealing a blueprint of what 2024 could look like: AI is set to dominate: Expect an...
Detect phishing by checking content consistency
Phishing is a form of cybercrime used to lure a victim to reveal his/her sensitive personal information to fraudulent web pages. To protect users from phishing attacks, many anti-phishing techniques have been proposed to block suspicious web pages, which are...
Real time detection of phishing websites
Web Spoofing lures the user to interact with the fake websites rather than the real ones. The main objective of this attack is to steal the sensitive information from the users. The attacker creates a ‘shadow’ website that looks similar to the legitimate website. This...
Social network security: issues, challenges, threats, and solutions
Networks are very popular in today’s world. Millions of people use various forms of social networks as they allow individuals to connect with friends and family, and share private information. However, issues related to maintaining the privacy and security of a user’s...
Addressing the incremental risks associated with adopting bring your own device
Bring Your Own Device (BYOD) involves allowing employees to use their own mobile devices to access their organisations’ networks. Many organisations are embracing this trend as a means to cut information technology (IT) expenditure, enhance employee satisfaction, etc....
Online disclosure of personally identifiable information with strangers: effects of public and private sharing
Safeguarding personally identifiable information (PII) is crucial because such information is increasingly used to engineer privacy attacks, identity thefts and security breaches. But is it likely that individuals may choose to just share this information with...
Presenting Suspicious Details in User-Facing E-mail Headers Does Not Improve Phishing Detection
Phishing requires humans to fall for impersonated sources. Sender authenticity can often be inferred from e-mail header information commonly displayed by e-mail clients, such as sender and recipient details. People may be biased by convincing e-mail content and...
Designing and conducting phishing experiments
We describe ethical and procedural aspects of setting up and conducting phishing experiments, drawing on experience gained from being involved in the design and execution of a sequence of phishing experiments (second author), and from being involved in the review of...
Quantifying phishing susceptibility for detection and behavior decisions
Objective: We use signal detection theory to measure vulnerability to phishing attacks, including variation in performance across task conditions. Background: Phishing attacks are difficult to prevent with technology alone, as long as technology is operated by people....
A phish scale: rating human phishing message detection difficulty
As organizations continue to invest in phishing awareness training programs, many Chief Information Security Officers (CISOs) are concerned when their training exercise click rates are high or variable, as they must justify training budgets to those who question the...
Do users focus on the correct cues to differentiate between phishing and genuine emails?
This paper examines the cues that typically differentiate phishing emails from genuine emails. The research is conducted in two stages. In the first stage, we identify the cues that actually differentiate between phishing and genuine emails. These are the consistency...
Exploring susceptibility to phishing in the workplace
Phishing emails provide a means to infiltrate the technical systems of organisations by encouraging employees to click on malicious links or attachments. Despite the use of awareness campaigns and phishing simulations, employees remain vulnerable to phishing emails....
Suspicion, cognition, and automaticity model of phishing susceptibility
Social-psychological research on phishing has implicated ineffective cognitive processing as the key reason for individual victimization. Interventions have consequently focused on training individuals to better detect deceptive emails. Evidence, however, points to...
Analysis on cookies and cybersecurity
Cookies are essential to the modern internet. People use cookies and other tracking technologies to integrate the browsing experience of websites, present personalized content and targeted advertising, understand the origin of their audience, and analyze web traffic....
A Study On Social Engineering Attacks: Phishing Attack
Recently, with the development of digital technology and the spread of the social media network and made the communication of human beings between each other more easily, but with the put the personal information and private evidence and the participation of others...