SoK: a comprehensive reexamination of phishing research from the security perspective
Phishing and spear phishing are typical examples of masquerade attacks since trust is built
up through impersonation for the attack to succeed. Given the prevalence of these attacks …
up through impersonation for the attack to succeed. Given the prevalence of these attacks …
Sixteen years of phishing user studies: What have we learned?
Several previous studies have investigated user susceptibility to phishing attacks. A
thorough meta-analysis or systematic review is required to gain a better understanding of …
thorough meta-analysis or systematic review is required to gain a better understanding of …
Using design-science based gamification to improve organizational security training and compliance
We conducted a design-science research project to improve an organization's compound
problems of (1) unsuccessful employee phishing prevention and (2) poorly received internal …
problems of (1) unsuccessful employee phishing prevention and (2) poorly received internal …
Theorizing the Digital Object.
Prompted by perceived shortcomings of prevailing conceptualizations of digital technology
in IS, we propose a theory aimed at capturing both the ontological complexity of digital …
in IS, we propose a theory aimed at capturing both the ontological complexity of digital …
Why security and privacy research lies at the centre of the information systems (IS) artefact: Proposing a bold research agenda
In this essay, we outline some important concerns in the hope of improving the effectiveness
of security and privacy research. We discuss the need to re-examine our understanding of …
of security and privacy research. We discuss the need to re-examine our understanding of …
An investigation of phishing awareness and education over time: When and how to best remind users
Security awareness and education programmes are rolled out in more and more
organisations. However, their effectiveness over time and, correspondingly, appropriate …
organisations. However, their effectiveness over time and, correspondingly, appropriate …
Eyes wide open: The role of situational information security awareness for security‐related behaviour
Most contemporary studies on information security focus on largely static phenomena in
examining security‐related behaviours. We take a more dynamic, situational and …
examining security‐related behaviours. We take a more dynamic, situational and …
The phishing funnel model: a design artifact to predict user susceptibility to phishing websites
Phishing is a significant security concern for organizations, threatening employees and
members of the public. Phishing threats against employees can lead to severe security …
members of the public. Phishing threats against employees can lead to severe security …
[HTML][HTML] Understanding extra-role security behaviors: An integration of self-determination theory and construal level theory
M Frank, V Kohn - Computers & Security, 2023 - Elsevier
Extra-role security behaviors (ERSBs)–spontaneous security behaviors that are not
prescribed in organizational security policies–are seen as a useful addition to securing …
prescribed in organizational security policies–are seen as a useful addition to securing …
Email phishing and signal detection: How persuasion principles and personality influence response patterns and accuracy
Phishing is a social engineering tactic where a malicious actor impersonates a trustworthy
third party with the intention of tricking the user into divulging sensitive information. Previous …
third party with the intention of tricking the user into divulging sensitive information. Previous …