Abstract
Due to a lack of learning opportunities, untrained access to the Internet is a potential danger for children and teenagers. This paper presents a comprehensive evaluation of a digital educational game that teaches children and teenagers between the ages of ten and thirteen in-depth knowledge and skills about the structure of a URL and how to recognize and mitigate phishing. Playing the educational game led to a significant increase of the participants’ phishing detection rate. Furthermore, a comparison of different phishing types revealed on which phishing types future work should focus due to lower detection rates. Phishing Academy is a browser-based educational game, which is available in German and English and can also be played via touch gestures.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Similar content being viewed by others
Notes
- 1.
Short for Retention Test to determine long-term effects after a specified period.
- 2.
All 48 URLs as well as the synthesis and categorization of the URLs can be found in [9].
- 3.
For a detailed breakdown and reasons for incompleteness consider [9].
- 4.
The following phishing URLs have been used in the base set. […] mark shortened parts. Subdomain: https://spotify.securelogin.com/de/login?account?m=2&i=1[…]. Word appendix: https://accounts.nintendo-login.com/mygames. IP address: https://173.31.166.156/de/login. Path: https://secure-store.com/www.apple.com/de/shop/account/[…]. Similar characters/combinations: https://yovtvbe.com/account/?userid=jlgkiSOIjXTbYnZAeL?m=2&i=2. Typos/Swaps: https://account.mircosoft.com/common/oauth2/authorize?client_id=4345[…].
References
Anti-Phishing Working Group: Phishing Activity Trends Report 3rd Quarter (2020). https://docs.apwg.org/reports/apwg_trends_report_q3_2020.pdf. Accessed 27 June 2021
Federal Trade Commission: How To Recognize and Avoid Phishing Scams. https://www.consumer.ftc.gov/articles/how-recognize-and-avoid-phishing-scams. Accessed 01 July 2021
Sheng, S., et al.: Anti-phishing Phil: the design and evaluation of a game that teaches people not to fall for Phish. In: Proceedings of the 3rd Symposium on Usable Privacy and Security, SOUPS 2007, pp. 88–99, Pittsburgh (2007)
Canova, G., et al.: NoPhish app evaluation: lab and retention study. In: Proceedings 2015 Workshop on Usable Security, Internet Society, San Diego (2015)
Kunz, A., et al.: NoPhish: evaluation of a web application that teaches people being aware of phishing attacks. In: Mayr, H., Pinzger, M. (eds.) INFORMATIK 2016, LNI, pp. 1–13. Gesellschaft für Informatik, Klagenfurt (2016)
Roepke, R., et al.: Mit der Lupe unterwegs. In Pinkwart, N., Konert, J., (eds.): Die 17. Fachtagung Bildungstechnologien, LNI, pp. 315–316. Gesellschaft für Informatik, Bonn (2019)
Schöbel, S.: Phishing Academy: Entwicklung und Umsetzung eines digitalen Lernspiels zu Website-URLs und Phishing. Bachelor-Thesis, Aachen (2019)
Roepke, R., Koehler, K., Drury, V., Schroeder, U., Wolf, M.R., Meyer, U.: A pond full of phishing games - analysis of learning games for anti-phishing education. In: Hatzivasilis, G., Ioannidis, S. (eds.) MSTEC 2020. LNCS, vol. 12512, pp. 41–60. Springer, Cham (2020). https://doi.org/10.1007/978-3-030-62433-0_3
Schöbel, S.: Erweiterung und Evaluation des digitalen Lernspiels Phishing Academy. Master-Thesis, Aachen (2021)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2021 Springer Nature Switzerland AG
About this paper
Cite this paper
Schoebel, S., Roepke, R., Schroeder, U. (2021). Phishing Academy: Evaluation of a Digital Educational Game on URLs and Phishing. In: de Rosa, F., Marfisi Schottman, I., Baalsrud Hauge, J., Bellotti, F., Dondio, P., Romero, M. (eds) Games and Learning Alliance. GALA 2021. Lecture Notes in Computer Science(), vol 13134. Springer, Cham. https://doi.org/10.1007/978-3-030-92182-8_5
Download citation
DOI: https://doi.org/10.1007/978-3-030-92182-8_5
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-92181-1
Online ISBN: 978-3-030-92182-8
eBook Packages: Computer ScienceComputer Science (R0)