{"title":"桶里的矛式网络钓鱼:针对性网络钓鱼活动的见解","authors":"A. Burns, M. E. Johnson, Deanna D. Caputo","doi":"10.1080/10919392.2019.1552745","DOIUrl":null,"url":null,"abstract":"ABSTRACT Executives in many industries have fallen prey to socially engineered attacks known as spear phishing. Using highly targeted emails, social engineers trick victims into performing unintended actions by masquerading as legitimate actors. To shed light on effective spear phishing training, we conducted a multi-round experiment. Our results indicate that training users with individual loss messaging might increase the effectiveness of the training. Additionally, we found potential evidence that organizational training can lead to increased overall spear phishing awareness, even for those not directly trained. Despite these promising results, however, individuals’ susceptibility to highly targeted spear phishing attacks remains troubling for practitioners and researchers.","PeriodicalId":54777,"journal":{"name":"Journal of Organizational Computing and Electronic Commerce","volume":"29 1","pages":"24 - 39"},"PeriodicalIF":2.0000,"publicationDate":"2019-01-02","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://sci-hub-pdf.com/10.1080/10919392.2019.1552745","citationCount":"43","resultStr":"{\"title\":\"Spear phishing in a barrel: Insights from a targeted phishing campaign\",\"authors\":\"A. Burns, M. E. Johnson, Deanna D. Caputo\",\"doi\":\"10.1080/10919392.2019.1552745\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"ABSTRACT Executives in many industries have fallen prey to socially engineered attacks known as spear phishing. Using highly targeted emails, social engineers trick victims into performing unintended actions by masquerading as legitimate actors. To shed light on effective spear phishing training, we conducted a multi-round experiment. Our results indicate that training users with individual loss messaging might increase the effectiveness of the training. Additionally, we found potential evidence that organizational training can lead to increased overall spear phishing awareness, even for those not directly trained. Despite these promising results, however, individuals’ susceptibility to highly targeted spear phishing attacks remains troubling for practitioners and researchers.\",\"PeriodicalId\":54777,\"journal\":{\"name\":\"Journal of Organizational Computing and Electronic Commerce\",\"volume\":\"29 1\",\"pages\":\"24 - 39\"},\"PeriodicalIF\":2.0000,\"publicationDate\":\"2019-01-02\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"https://sci-hub-pdf.com/10.1080/10919392.2019.1552745\",\"citationCount\":\"43\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Journal of Organizational Computing and Electronic Commerce\",\"FirstCategoryId\":\"94\",\"ListUrlMain\":\"https://doi.org/10.1080/10919392.2019.1552745\",\"RegionNum\":4,\"RegionCategory\":\"管理学\",\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q3\",\"JCRName\":\"COMPUTER SCIENCE, INFORMATION SYSTEMS\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Journal of Organizational Computing and Electronic Commerce","FirstCategoryId":"94","ListUrlMain":"https://doi.org/10.1080/10919392.2019.1552745","RegionNum":4,"RegionCategory":"管理学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q3","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}
Spear phishing in a barrel: Insights from a targeted phishing campaign
ABSTRACT Executives in many industries have fallen prey to socially engineered attacks known as spear phishing. Using highly targeted emails, social engineers trick victims into performing unintended actions by masquerading as legitimate actors. To shed light on effective spear phishing training, we conducted a multi-round experiment. Our results indicate that training users with individual loss messaging might increase the effectiveness of the training. Additionally, we found potential evidence that organizational training can lead to increased overall spear phishing awareness, even for those not directly trained. Despite these promising results, however, individuals’ susceptibility to highly targeted spear phishing attacks remains troubling for practitioners and researchers.
期刊介绍:
The aim of the Journal of Organizational Computing and Electronic Commerce (JOCEC) is to publish quality, fresh, and innovative work that will make a difference for future research and practice rather than focusing on well-established research areas.
JOCEC publishes original research that explores the relationships between computer/communication technology and the design, operations, and performance of organizations. This includes implications of the technologies for organizational structure and dynamics, technological advances to keep pace with changes of organizations and their environments, emerging technological possibilities for improving organizational performance, and the many facets of electronic business.
Theoretical, experimental, survey, and design science research are all welcome and might look at:
• E-commerce
• Collaborative commerce
• Interorganizational systems
• Enterprise systems
• Supply chain technologies
• Computer-supported cooperative work
• Computer-aided coordination
• Economics of organizational computing
• Technologies for organizational learning
• Behavioral aspects of organizational computing.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
