NoPhish App Evaluation: Lab and Retention Study

Reading Time: 1 minutePhishing is a prevalent issue of today’s Internet. Previous approaches to counter phishing do not draw on a crucial factor to combat the threat – the users themselves. We believe user education about the dangers of the Internet is a further...

Effects of cyber security knowledge on attack detection

Reading Time: 1 minuteEnsuring cyber security is a complex task that relies on domain knowledge and requires cognitive abilities to determine possible threats from large amounts of network data. This study investigates how knowledge in network operations and...

Contextualized Web warnings, and how they cause distrust

Reading Time: 1 minuteCurrent warnings in Web browsers are difficult to understand for lay users. We address this problem through more concrete warning content by contextualizing the warning – for example, taking the user’s current intention into account in order to...

Modifying Smartphone User Locking Behavior

Reading Time: 1 minuteWith an increasing number of organizations allowing personal smart phones onto their networks, considerable security risk is introduced. The security risk is exacerbated by the tremendous heterogeneity of the personal mobile devices and their...

Phishing IQ Tests Measure Fear, Not Ability

Reading Time: 1 minuteWe argue that phishing IQ tests fail to measure susceptibility to phishing attacks. We conducted a study where 40 subjects were asked to answer a selection of questions from existing phishing IQ tests in which we varied the portion (from 25% to...