It's a Match - Enhancing the Fit between Users and Phishing Training through Personalisation

要旨

Effective training is essential for enhancing users' ability to detect phishing attempts. Personalised training offers huge potential to more closely align training content with individuals' needs and skill levels. In an online study, we assigned N=342 participants to personalised training or a random training variant to compare their effectiveness. The personalisation was based on a phishing proficiency score calculated from factors such as detection ability, knowledge, and security attitude. After training, the participants demonstrated greater proficiency, with an increased ability to detect phishing emails and higher security attitudes. These effects were most pronounced in the personalised condition, demonstrating the potential of personalisation to improve training outcomes. Overall, personalised training levelled the playing field, efficiently bringing all groups, regardless of their initial proficiency, to a comparable and desired post-training phishing proficiency level. Finally, we derived recommendations for designing personalised phishing training content and assigning users to suitable training programmes.

著者
Lorin Schöni
ETH Zurich, Zurich, Switzerland
Neele Roch
ETH Zurich, Zurich, Switzerland
Hannah Sievers
ETH Zurich, Zurich, Switzerland
Martin Strohmeier
armasuisse, Thun, Switzerland
Peter Mayer
University of Southern Denmark, Odense, Denmark
Verena Zimmermann
ETH Zürich, Zürich, Switzerland
DOI

10.1145/3706598.3713845

論文URL

https://dl.acm.org/doi/10.1145/3706598.3713845

動画

会議: CHI 2025

The ACM CHI Conference on Human Factors in Computing Systems (https://chi2025.acm.org/)

セッション: Innovative Training Technologies

Annex Hall F203
7 件の発表
2025-04-29 01:20:00
2025-04-29 02:50:00
日本語まとめ
読み込み中…