Abstract
Young people are increasingly becoming responsible for the security of their devices, yet do not appear to receive formal instruction on how to protect themselves online. In this paper, we investigate the phish detection performance of teenagers while exploring how their familiarity with a service affects their overall performance in identifying phishing messages. Our study with 83 teenagers finds that teenagers were poor at distinguishing between genuine and phishing messages in an experimental task, yet performance was not affected by the familiarity of the service. However, our participants exhibited riskier behavior when making decisions on unfamiliar messages, suggesting that this is an area for further exploration. We discuss the implications of the poor phishing performance for teenagers and explore possible avenues to improve their awareness of these attacks, e.g. through embedding training content within the school curriculum.
| Original language | English |
|---|---|
| Title of host publication | Proceedings of 5th IEEE European Symposium on Security and Privacy Workshops |
| Place of Publication | Piscataway |
| Publisher | IEEE |
| Pages | 140-149 |
| Number of pages | 10 |
| ISBN (Electronic) | 9781728185972 |
| ISBN (Print) | 9781728185989 |
| DOIs | |
| Publication status | Published - 22 Oct 2020 |
| Externally published | Yes |
| Event | 5th IEEE European Symposium on Security and Privacy Workshops - virtual event Duration: 7 Sept 2020 → 11 Sept 2020 Conference number: 5th |
Conference
| Conference | 5th IEEE European Symposium on Security and Privacy Workshops |
|---|---|
| Abbreviated title | EUROS&PW 2020 |
| Period | 7/09/20 → 11/09/20 |
Keywords
- Social engineering
- Teenagers
- Phishing
- Cybersecurity
- Social factors