Vulnerability of Students of Masaryk University to Two Different Types of Phishing
| Authors | |
|---|---|
| Year of publication | 2024 |
| Type | Article in Periodical |
| Magazine / Source | ACIG - Applied Cybersecurity and Internet Governance |
| MU Faculty or unit | |
| Citation | |
| web | https://www.acigjournal.com/pdf-190268-112622?filename=Vulnerability%20of%20Students.pdf |
| Doi | http://dx.doi.org/10.60097/ACIG/190268. |
| Keywords | phishing, university students, social engineering, the human factor, unintentonal threat |
| Description | According to the European Union Agency for Cybersecurity’s (ENISA) Threat Landscape (ETL) report 2020, phish ing is the most commonly used type of cyberattack. Phishing is the technique of delivering false communications that appear to be from a real and respectable source, typically via e-mail or text message. The attacker aims to steal money, obtain access to sen sitive data, and login information, or install malware on the vic tim’s device. Data from the same report shows that during the COVID-19 pandemic, phishing attacks increased by 667% in one month. Simultaneously, warnings about expected waves of phish ing e-mails at Masaryk University in Czechia were encountered more often. However, at the time this article was written, there was de facto no anti-phishing research dealing with the problem of phishing attacks on Czech universities. The present article focuses on unintentional human error on the side of students of Masaryk University. The main aim of this article is to uncover the profile of the user who is most prone to victimisation of phishing in the university setting. These results were achieved by performing two real-life phishing simulations. Data suggests that female students are more prone to crash for targeted e-mails. At the same time, all students are more susceptible to spear-phishing attacks than to the generic ones. Findings are explained by analysing the empirical results of the two real-life phishing attacks conducted. |