NoPhish App Evaluation: Lab and Retention Study

Reading Time: 1 minutePhishing is a prevalent issue of today’s Internet. Previous approaches to counter phishing do not draw on a crucial factor to combat the threat – the users themselves. We believe user education about the dangers of the Internet is a further...

Effects of cyber security knowledge on attack detection

Reading Time: 1 minuteEnsuring cyber security is a complex task that relies on domain knowledge and requires cognitive abilities to determine possible threats from large amounts of network data. This study investigates how knowledge in network operations and...

More Is Not the Answer

Reading Time: 1 minuteIn this paper we explore why progress has been slow and examine several possible directions. First, the scale and diversity of the web makes one-size fits all approaches hard. Second, the competition for user attention is fierce: there are no...

Writing down your password: Does it help?

Reading Time: 1 minuteUsers are able to remember their phone numbers and postal codes, their student numbers, PIN numbers, and social insurance numbers. Why, then, do users have trouble remembering their passwords? This paper considers the hypothesis that being able...

Contextualized Web warnings, and how they cause distrust

Reading Time: 1 minuteCurrent warnings in Web browsers are difficult to understand for lay users. We address this problem through more concrete warning content by contextualizing the warning – for example, taking the user’s current intention into account in order to...

Targeted Risk Communication for Computer Security

Reading Time: 1 minuteAttacks on computer systems are rapidly becoming more numerous and more sophisticated, and current preventive techniques do not seem able to keep pace. Many successful attacks can be attributed to user errors: for example, while focused on other...

Modifying Smartphone User Locking Behavior

Reading Time: 1 minuteWith an increasing number of organizations allowing personal smart phones onto their networks, considerable security risk is introduced. The security risk is exacerbated by the tremendous heterogeneity of the personal mobile devices and their...

Cyber Security Games: A New Line of Risk

Reading Time: 1 minuteBehaviour change is difficult to achieve and there are many models identifying the factors to affect such change but few have been applied in the security domain. This paper discusses the use of serious games to improve the security behaviour of...

Security Policy Compliance: User Acceptance Perspective

Reading Time: 1 minuteInformation security policy compliance is one of the key concerns that face organizations today. Although, technical and procedural security measures help improve information security, there is an increased need to accommodate human, social and...

Scare tactics – A viable weapon in the security war?

Reading Time: 1 minuteEnd users are frequently criticised as the sources of bad security practice, and it is suggested they might take the issue more seriously if they experienced a breach. An option for enabling this would be for security administrators to...

Phishing IQ Tests Measure Fear, Not Ability

Reading Time: 1 minuteWe argue that phishing IQ tests fail to measure susceptibility to phishing attacks. We conducted a study where 40 subjects were asked to answer a selection of questions from existing phishing IQ tests in which we varied the portion (from 25% to...

Protecting Users Against Phishing Attacks with AntiPhish

Reading Time: 1 minutePhishing is a form of online identity theft that aims to steal sensitive information such as online banking passwords and credit card information from users. Phishing scams have been receiving extensive press coverage because such attacks have...

An application of deterrence theory to software piracy

Reading Time: 1 minuteAlthough the research on software piracy is growing, criminologists have not examined the role of deterrence in software piracy. Using data collected from 382 undergraduate students attending a southeastern university, this study examined the...