Phishing is a common social engineering attack aimed to steal personal information. Universities attract phishing attacks because: (1) they store employees and students sensitive data; (2) they save confidential documents; and (3) their infrastructures often lack security. In this paper, we showcase a phishing assessment at the University of…

Prevalent security threats caused by human errors necessitate security education, training, and awareness (SETA) programs in organizations. Despite strong theoretical foundations in behavioral cybersecurity, field evidence on the effectiveness of SETA programs in mitigating actual threats is scarce. Since memory decay will inevitably occur after…

Phishing research presents conflicting findings regarding the psychological predictors of phishing susceptibility. The present work aimed to resolve these discrepancies by utilizing a diverse online sample and email set. Participants completed a survey that included an email classification task and measured several individual differences,…

Every electronic message poses some threat of being a phishing attack. If recipients underestimate that threat, they expose themselves, and those connected to them, to identity theft, ransom, malware, or worse. If recipients overestimate that threat, then they incur needless costs, perhaps reducing their willingness and ability to respond over…

Cybersecurity is crucial at present because cyber threats (e.g., phishing) have become a very common occurrence in everyday life. A literature review showed that there are no studies based on cybersecurity awareness which involved a large number of Thai users. Thus, this research focused on the cybersecurity awareness of approximately 20,000…

Social engineering is a large problem in our modern technological world, but while conceptually understood, it is harder to teach compared to traditional pen testing techniques. This research details a class project where students implemented a phishing exercise against real-world targets. Through cooperation with an external corporate partner,…

Distracted users can fail to correctly distinguish the differences between legitimate and malicious emails or search engine results. Mobile phone users can have a more challenging time identifying malicious content due to the smaller screen size and the limited security features in mobile phone applications. Thus, the main goal of this research…

Technology is playing an increasingly significant role in people's lives. They use it for work, education, business and social activities; however, their use of different kinds of information communication technologies (ICTs) puts their personal information at risk. It is essential for everyone using ICTs to be aware of the potential information…

This document reports results of an online survey that examined practices and procedures in the management of electronic resources in 65 academic library reference departments. Responses are related to: (1) student population; (2) library use by community people; (3) number of public access workstations, workstations with World Wide Web access,…