Enhancing Phishing Awareness using Scenario-based Learning Techniques

Abstract

A lot of security threats exist targeting individuals using social engineering such as phishing attacks. Such attacks could deceive individuals to reveal sensitive information which could lead to malicious usage by an attacker. This thesis aims to understand those threats and vulnerabilities among internet users at the University of Plymouth. To fulfil this aim, online survey questioner were developed and data were collected through a scenario-based questioning to investigate phishing attacks among internet users at the university. The findings represent the majority opinions of the surveyed internet users at University of Plymouth, on the basis of the information collected via the questionnaire and scenario-based learning. The areas of discussion were; Social engineering, Trojan Hosts, Man-in-the-middle attacks, Transparent Proxies, DNS Cache Poisoning and finally the Bad Domain Names.