Home > Research > Publications & Outputs > Understanding the human behavioural factors beh...

Electronic data

  • 2017shargawiphd

    Final published version, 4.34 MB, PDF document

    Available under license: CC BY-ND: Creative Commons Attribution-NoDerivatives 4.0 International License

Text available via DOI:

View graph of relations

Understanding the human behavioural factors behind online learners’ susceptibility to phishing attacks

Research output: ThesisDoctoral Thesis

Published

Standard

Understanding the human behavioural factors behind online learners’ susceptibility to phishing attacks. / Shargawi, Ayman.
Lancaster University, 2017. 244 p.

Research output: ThesisDoctoral Thesis

Harvard

APA

Vancouver

Shargawi A. Understanding the human behavioural factors behind online learners’ susceptibility to phishing attacks. Lancaster University, 2017. 244 p. doi: 10.17635/lancaster/thesis/336

Author

Bibtex

@phdthesis{3e0958b08f4d468fa130a027926bcaa0,
title = "Understanding the human behavioural factors behind online learners{\textquoteright} susceptibility to phishing attacks",
abstract = "Phishing is an act of fraudulence to lure victims to respond to an illegitimate request for the sake of a financial or informational gain (Huang, Qian, and Wang, 2012). Phishing can jeopardize the security of online learning (e-Learning) systems. Phishing cannot be prevented by depending on technical controls alone (Proctor, Schultz and Vu, 2009). Effective Information Security Awareness is key to protecting against Phishing (Chen, Shaw and Yang, 2006). However, most information security awareness programs overlook human behavioural factors as a root cause of exploitation in Phishing (Proctor et al 2009, Anttila et al 2007).This research aims to better understand the human behavioural factors behind online learners{\textquoteright} susceptibility to Phishing attacks (Luo et al, 2013). Thus, literature review was conducted to identify and analyse the human behavioural factors exploited in Phishing attacks with relation to the online learners{\textquoteright} awareness needs. A conceptual framework called {\textquoteleft}Security Awareness Model for Phishing{\textquoteright} (SAMFP) has been developed based on the integration of Endsley{\textquoteright}s Situation Awareness model (Endsley, 2015), the awareness delivery guidelines by Chen, Shaw and Yang (2006) and Poepjes{\textquoteright} (2012) Information Security Awareness and Capability Model (ISACM). SAMFP aims to improve information security awareness for online learners. Hence, data was gathered from 100 participants, experienced in learning online, who completed 5 activities: a pre-awareness (1st) assessment test, participating in the 1st awareness session and group discussions, an assessment (2nd) test, participating in the 2nd awareness session and group discussions and finally a post-awareness (3rd) assessment test. Data was analysed quantitatively with 18 hypotheses to validate the effectiveness of the SAMFP model. Following a design based research approach, the researcher was heavily engaged in the design, development and testing of the SAMFP model which included development of training materials, tutoring and assessment of learning outcomes against the research questions and objectives.",
author = "Ayman Shargawi",
year = "2017",
doi = "10.17635/lancaster/thesis/336",
language = "English",
publisher = "Lancaster University",
school = "Lancaster University",

}

RIS

TY - BOOK

T1 - Understanding the human behavioural factors behind online learners’ susceptibility to phishing attacks

AU - Shargawi, Ayman

PY - 2017

Y1 - 2017

N2 - Phishing is an act of fraudulence to lure victims to respond to an illegitimate request for the sake of a financial or informational gain (Huang, Qian, and Wang, 2012). Phishing can jeopardize the security of online learning (e-Learning) systems. Phishing cannot be prevented by depending on technical controls alone (Proctor, Schultz and Vu, 2009). Effective Information Security Awareness is key to protecting against Phishing (Chen, Shaw and Yang, 2006). However, most information security awareness programs overlook human behavioural factors as a root cause of exploitation in Phishing (Proctor et al 2009, Anttila et al 2007).This research aims to better understand the human behavioural factors behind online learners’ susceptibility to Phishing attacks (Luo et al, 2013). Thus, literature review was conducted to identify and analyse the human behavioural factors exploited in Phishing attacks with relation to the online learners’ awareness needs. A conceptual framework called ‘Security Awareness Model for Phishing’ (SAMFP) has been developed based on the integration of Endsley’s Situation Awareness model (Endsley, 2015), the awareness delivery guidelines by Chen, Shaw and Yang (2006) and Poepjes’ (2012) Information Security Awareness and Capability Model (ISACM). SAMFP aims to improve information security awareness for online learners. Hence, data was gathered from 100 participants, experienced in learning online, who completed 5 activities: a pre-awareness (1st) assessment test, participating in the 1st awareness session and group discussions, an assessment (2nd) test, participating in the 2nd awareness session and group discussions and finally a post-awareness (3rd) assessment test. Data was analysed quantitatively with 18 hypotheses to validate the effectiveness of the SAMFP model. Following a design based research approach, the researcher was heavily engaged in the design, development and testing of the SAMFP model which included development of training materials, tutoring and assessment of learning outcomes against the research questions and objectives.

AB - Phishing is an act of fraudulence to lure victims to respond to an illegitimate request for the sake of a financial or informational gain (Huang, Qian, and Wang, 2012). Phishing can jeopardize the security of online learning (e-Learning) systems. Phishing cannot be prevented by depending on technical controls alone (Proctor, Schultz and Vu, 2009). Effective Information Security Awareness is key to protecting against Phishing (Chen, Shaw and Yang, 2006). However, most information security awareness programs overlook human behavioural factors as a root cause of exploitation in Phishing (Proctor et al 2009, Anttila et al 2007).This research aims to better understand the human behavioural factors behind online learners’ susceptibility to Phishing attacks (Luo et al, 2013). Thus, literature review was conducted to identify and analyse the human behavioural factors exploited in Phishing attacks with relation to the online learners’ awareness needs. A conceptual framework called ‘Security Awareness Model for Phishing’ (SAMFP) has been developed based on the integration of Endsley’s Situation Awareness model (Endsley, 2015), the awareness delivery guidelines by Chen, Shaw and Yang (2006) and Poepjes’ (2012) Information Security Awareness and Capability Model (ISACM). SAMFP aims to improve information security awareness for online learners. Hence, data was gathered from 100 participants, experienced in learning online, who completed 5 activities: a pre-awareness (1st) assessment test, participating in the 1st awareness session and group discussions, an assessment (2nd) test, participating in the 2nd awareness session and group discussions and finally a post-awareness (3rd) assessment test. Data was analysed quantitatively with 18 hypotheses to validate the effectiveness of the SAMFP model. Following a design based research approach, the researcher was heavily engaged in the design, development and testing of the SAMFP model which included development of training materials, tutoring and assessment of learning outcomes against the research questions and objectives.

U2 - 10.17635/lancaster/thesis/336

DO - 10.17635/lancaster/thesis/336

M3 - Doctoral Thesis

PB - Lancaster University

ER -