Gokul CJ (TCS Research, Tata Consultancy Services Ltd., Pune), Vijayanand Banahatti (TCS Research, Tata Consultancy Services Ltd., Pune), Sachin Lodha (TCS Research, Tata Consultancy Services Ltd., Pune)

Phishing threats are on the rise, especially through Business Email Compromise (BEC). Despite having several tools for phishing email detection, the attacks are becoming smarter and personal, targeting individuals to gain access to personal and organizational information. Game-based cybersecurity training methods are found to have positive results in educating users. Along this line, we introduce PickMail, an anti-phishing awareness game that simulates typical real-life email scenarios to train an organization’s employees. In PickMail, we train participants to judge the legitimacy of an email by inspecting its various parts, such as the sender’s email domain, hyperlinks, attachments, and forms. The game also records participants’ decision-making steps that lead to their final judgment. Our study with 478 participants shows how the serious game-based training helped the participants make better judgments on emails, with the correctness in identifying email legitimacy reaching 92.62%. The study also provided us with insights that could help develop better training methods and user interfaces.

View More Papers

Towards Integrating Human-Centered Cybersecurity Research Into Practice: A Practitioner...

Julie Haney, Clyburn Cunningham, Susanne Furman (National Institute of Standards and Technology)

Read More

Exploring Phishing Threats through QR Codes in Naturalistic Settings

Filipo Sharevski (DePaul University), Mattia Mossano, Maxime Fabian Veit, Gunther Schiefer, Melanie Volkamer (Karlsruhe Institute of Technology)

Read More

Kids, Cats, and Control: Designing Privacy and Security Dashboard...

Jacob Abbott (Indiana University), Jayati Dev (Indiana University), DongInn Kim (Indiana University), Shakthidhar Reddy Gopavaram (Indiana University), Meera Iyer (Indiana University), Shivani Sadam (Indiana University) , Shirang Mare (Western Washington University), Tatiana Ringenberg (Purdue University), Vafa Andalibi (Indiana University), and L. Jean Camp(Indiana University)

Read More