Spanish, Portuguese, and Latin America (LACAIS Chapter)
Loading...
Paper Type
Complete
Paper Number
1708
Description
Phishing is a social engineering procedure in which a malicious actor impersonates a trusted third party with the intention of tricking the user into disclosing confidential information. Research on social engineering has shown that inappropriate use of persuasion principles in emails leads to increased susceptibility to phishing in users. Therefore, a serious game is proposed to measure the three principles of persuasion in information security: authority, scarcity and taste, in university students about phishing attacks. The methodology includes the elaboration of a visual novel for serious games and a questionnaire for measuring psychological principles aimed at university students and based on real case scenarios. The findings support previous research, which indicates that the use of psychological principles in phishing attacks generates greater susceptibility in users. The principles of persuasion evaluated show high susceptibility scores.
Recommended Citation
Abrahamzon Garcia, Valeria and Diaz Parra, Raul, "Phishing video game to validate the principles of persuasion in university students" (2021). AMCIS 2021 Proceedings. 7.
https://aisel.aisnet.org/amcis2021/lacais/lacais/7
Phishing video game to validate the principles of persuasion in university students
Phishing is a social engineering procedure in which a malicious actor impersonates a trusted third party with the intention of tricking the user into disclosing confidential information. Research on social engineering has shown that inappropriate use of persuasion principles in emails leads to increased susceptibility to phishing in users. Therefore, a serious game is proposed to measure the three principles of persuasion in information security: authority, scarcity and taste, in university students about phishing attacks. The methodology includes the elaboration of a visual novel for serious games and a questionnaire for measuring psychological principles aimed at university students and based on real case scenarios. The findings support previous research, which indicates that the use of psychological principles in phishing attacks generates greater susceptibility in users. The principles of persuasion evaluated show high susceptibility scores.
When commenting on articles, please be friendly, welcoming, respectful and abide by the AIS eLibrary Discussion Thread Code of Conduct posted here.