Journal of Information Systems Education
Abstract
In this paper, we describe the development of an in-class exercise designed to teach students how to craft social engineering attacks. Specifically, we focus on the development of phishing emails. Providing an opportunity to craft offensive attacks not only helps prepare students for a career in penetration testing but can also enhance their ability to detect and defend against similar methods. First, we discuss the relevant background. Second, we outline the requirements necessary to implement the exercise. Third, we describe how we implemented the exercise. Finally, we discuss our results and share student feedback.
Recommended Citation
Young, Jacob A. and Farshadkhah, Sahar
(2023)
"Teaching Tip: Hook, Line, and Sinker – The Development of a Phishing Exercise to Enhance Cybersecurity Awareness,"
Journal of Information Systems Education: Vol. 34
:
Iss.
4
, 347-359.
Available at:
https://aisel.aisnet.org/jise/vol34/iss4/1
When commenting on articles, please be friendly, welcoming, respectful and abide by the AIS eLibrary Discussion Thread Code of Conduct posted here.