Improving awareness of online browsing behaviours: learning environment for phishing attacks
Kerr, Alexander (2023)
Kerr, Alexander
2023
Julkaisun pysyvä osoite on
https://urn.fi/URN:NBN:fi:amk-2023053016019
https://urn.fi/URN:NBN:fi:amk-2023053016019
Tiivistelmä
It can be challenging to highlight the dangers involved with online browsing from an information security perspective. Following previous research which concluded that providing a more interactive experience aided in raising awareness regarding identifying phishing frauds, this thesis was conducted to research developing a more interactive lab that first-year students were taught during an information security fundamentals course.
The lab was created using virtual machines to provide students with a sandbox area where they can safely learn about phishing techniques and examine the skills involved in some of these attacks.
The results of this research were found by extracting data from student reports. The thematic analysis method was used to evaluate the given responses. The analysis demonstrated that the phishing lab was highly successful in the following areas: Raised awareness of online browsing and potential phishing attempts. Gained knowledge of how these attacks are performed and how to identify them. The ease of these types of attacks, the simplicity involved with creating fake emails.
In addition, an anonymous feedback questionnaire was also used to try and identify the success of the lab. The feedback received here indicated that the students perceived the lab well.
Keywords: cyber security, phishing, security fundamentals, interactivity, raising awareness
The lab was created using virtual machines to provide students with a sandbox area where they can safely learn about phishing techniques and examine the skills involved in some of these attacks.
The results of this research were found by extracting data from student reports. The thematic analysis method was used to evaluate the given responses. The analysis demonstrated that the phishing lab was highly successful in the following areas: Raised awareness of online browsing and potential phishing attempts. Gained knowledge of how these attacks are performed and how to identify them. The ease of these types of attacks, the simplicity involved with creating fake emails.
In addition, an anonymous feedback questionnaire was also used to try and identify the success of the lab. The feedback received here indicated that the students perceived the lab well.
Keywords: cyber security, phishing, security fundamentals, interactivity, raising awareness