Can a Mobile Game Teach Computer Users to Thwart Phishing Attacks?
This addresses the problem of phishing education for computer users, but it is incremental as it builds on existing game design and compares to known methods.
The study tackled the problem of phishing attacks by comparing mobile game-based learning to traditional online learning, finding that participants who played the mobile game were better at identifying fraudulent websites than those who used the website without training.
Phishing is an online fraudulent technique, which aims to steal sensitive information such as usernames, passwords and online banking details from its victims. To prevent this, anti-phishing education needs to be considered. This research focuses on examining the effectiveness of mobile game based learning compared to traditional online learning to thwart phishing threats. Therefore, a mobile game prototype was developed based on the design introduced by Arachchilage and Cole [3]. The game design aimed to enhance avoidance behaviour through motivation to thwart phishing threats. A website developed by Anti-Phishing Work Group (APWG) for the public Anti-phishing education initiative was used as a traditional web based learning source. A think-aloud experiment along with a pre- and post-test was conducted through a user study. The study findings revealed that the participants who played the mobile game were better able to identify fraudulent web sites compared to the participants who read the website without any training.