Phishing

Phishing continues to be an escalating cyber threat facing organizations of all types and sizes, including industry, academia, and government.

Our team performs research to understand phishing within an operational (real-world) context by examining user behaviors during phishing awareness training exercises. Our efforts have provided insights into users’ rationale and role in early detection, and how these might be scaffolded with technological solutions.

Current/recent research projects:

• Phish scale - developing a scale to rate the detection difficulty of phishing messages
• Phishing behaviors - understanding why users click or don’t click during phishing training exercises

Past research projects:

• Phishing lens model  - proposed an exploratory computational model of user decision making in a potential phishing attack scenario