Abstract
The COVID-19 pandemic has sparked considerable alarm amongst the general community and has significantly affected the societal attitudes and perceptions. In the current era, social engineers are applying various strategies to exploit human weakness. Phishing, a social engineering technique, is one of the most widely used and effective ways to undermine human assets. In this research study, firstly, we aim to educate the participants regarding phishing attacks; secondly, the dangers associated with excessive online sharing; and thirdly, how to utilise game scenarios developed by the participants to elicit security requirements. We have employed various research methods, such as, survey, observation, personas development, and scenario-based technique to achieve these objectives. Our re-evaluation results show that the PhishI game effectively educates participants regarding phishing attacks and dangers associated with disclosing excessive online information.
| Original language | English |
|---|---|
| Pages (from-to) | 294-321 |
| Number of pages | 28 |
| Journal | International Journal of Information and Computer Security |
| Volume | 23 |
| Issue number | 3 |
| DOIs | |
| Publication status | Published - 2024 |
| Externally published | Yes |
Keywords
- awareness
- human factor
- online information disclosure
- phishing attack
- security requirements elicitation
- serious game
- social engineering