This Article 
   
 Share 
   
 Bibliographic References 
   
 Add to: 
 
Digg
Furl
Spurl
Blink
Simpy
Google
Del.icio.us
Y!MyWeb
 
 Search 
   
Going Spear Phishing: Exploring Embedded Training and Awareness
Jan.-Feb. 2014 (vol. 12 no. 1)
pp. 28-38
Shari Lawrence Pfleeger, I3P Dartmouth College
M. Eric Johnson, Vanderbilt University
To explore the effectiveness of embedded training, researchers conducted a large-scale experiment that tracked workers' reactions to a series of carefully crafted spear phishing emails and a variety of immediate training and awareness activities. Based on behavioral science findings, the experiment included four different training conditions, each of which used a different type of message framing. The results from three trials showed that framing had no significant effect on the likelihood that a participant would click a subsequent spear phishing email and that many participants either clicked all links or none regardless of whether they received training. The study was unable to determine whether the embedded training materials created framing changes on susceptibility to spear phishing attacks because employees failed to read the training materials.
Index Terms:
Training,Electronic mail,Security,Organizations,Privacy,Behavioral science,Materials,behavioral science,security awareness,embedded training,spear phishing
Citation:
Deanna D. Caputo, Shari Lawrence Pfleeger, Jesse D. Freeman, M. Eric Johnson, "Going Spear Phishing: Exploring Embedded Training and Awareness," IEEE Security & Privacy, vol. 12, no. 1, pp. 28-38, Jan.-Feb. 2014, doi:10.1109/MSP.2013.106
Usage of this product signifies your acceptance of the Terms of Use.