| References: [1] Acquisti, H. (2014), “Privacy in electronic commerce and economics of immediate gratification”, ACM Press, 2004, pp. 21-29; B.K. Wiederhold, “The role of Psychology in Enhancing Cybersecurity”, Cyberpsychology, Behavior and Social Networking, Mary Ann Liebert Inc. Publishers, New Rochelle, pp. 1-2.
[2] Agten, P., Joosen, W., Piessens, F., Nikiforakis, N. (2015),” Seven Months’ Worth of Mistakes: A Longitudinal Study of Typosquatting Abuse. In Network and Distributed System Security Symposium. Internet Society.
[3] Aleroud, A., Zhou, L. (2017), “Phishing environments, techniques, and countermeasures: A survey,” Computers & Security, vol. 68, pp. 160 – 196.
[4] Allodi, L., Chotza, T., Panina, E., Zannone, N. (2020) ,”The need for new anti-phishing measures against spear-phishing attacks”, IEEE Security & Privacy, 18(2):23–34.
[5] AlRashid, H., AlZahrani, R., ElQawasmeh, E. (2014), "Reverse of e-mail spam filtering algorithms to maintain e-mail deliverability," 2014 Fourth International Conference on Digital Information and Communication Technology and its Applications (DICTAP), Bangkok, pp. 297-300.
[6] Amankwa, E., Loock, M., Kritzinger, E.(2015),"Enhancing information security education and awareness: Proposed characteristics for a model", In: 2015 Second International Conference on Information Security and Cyber Forensics (InfoSec). pp. 72–77. IEEE.
[7] Amro, B. (2018), “Phishing Techniques in Mobile Devices,” arXiv, pp. 27–35, 2018, doi: 10.4236/jcc.2018.62003.
[8] Aonzo, S., Merlo, A., Tavella, G., Fratantonio, Y. (2018),“Phishing attacks on modern android,” Proc. ACM Conf. Comput. Commun. Secur., pp. 1788– 1801, 2018, doi: 10.1145/3243734.3243778.
[9] Arksey, H., O’Malley, L.(2005),"Scoping studies: towards a methodological framework", International journal of social research methodology 8(1), 19–32.
[10] Asai, T., Perez, J. L. C. (2012), “Human-related problems in information security faced by Japanese, British and American overseas companies because of cultural differences”, China-USA Business Review, Vol. 11, No. 1, Pp 86-101.
[11] Beaudin, K. (2017),” The Legal Implications of Storing Student Data: Preparing for and Responding to Data Breaches”, New Dir. Institutional Res. 2017, 2016, 37–48.
[12] Bullée, J-W H., Junger, M. (2020), “Social Engineering, Springer Nature”, Berlin, 2020, pp. 1-28. Bullée, J.-W. (2017), “Experimental social engineering: investigation and prevention. PhD thesis, University of Twente, 2017.
[13] Burda, P., Chotza, T., Allodi, L., Zannone, N. (2020),” Testing the Effectiveness of Tailored Phishing Techniques in Industry and Academia: a Field Experiment”, In International Conference on Availability, Reliability and Secu rity. ACM.
[14] Burns, A., Johnson, M., Caputo, D. (2019), “Spear Phishing in a Barrel: Insights from a Targeted Phishing Campaign”, Journal of organisational Computing and Electronic Commerce.
[15] Chapple, M. (2019), “Four ways to measure security success,” SearchSecurity. [Online]. Available: https://searchsecurity.techtarget.com/tip/Four-ways- to-measure-security-success. [Accessed: 10-Sep-2020].
[16] Chandra, J. V., Challa, N., Pasupuleti, S.K. (2016),"A practical approach to E-mail spam filters to protect data from advanced persistent threat," 2016 International Conference on Circuit, Power and Computing Technologies (ICCPCT), Nagercoil, pp. 1-5.
[17] Chau, P. Y .K. (1997), “Reexamining a model for evaluating information center success using a structural equation modeling approach”, Decision Sciences, 28(2), 309-334. doi:10.1111/j.1540-5915.1997.tb01313.x.
[18] Chernis, B., Verma, R.(2018),”Machine Learning Methods for Software Vulnerability Detection”, In: Proceedings of the Fourth ACM International Workshop on Security and Privacy Analytics ACM. 2018. p. 31–9.
[19] Chin, W. W. (1998),” The partial least squares approach to structural equation modeling”, In G. A. Marcoulides (Ed.), Modern methods for business research (pp. 295–358). Mahwah: Lawrence Erlbaum.
[20] Churi, T., Sawardekar, P., Pardeshi, A., Vartak, P. (2017),“A secured methodology for anti-phishing,” Proc. 2017 Int. Conf. Innov. Information, Embed. Commun. Syst. ICIIECS 2017, vol. 2018- Janua, pp. 1–4, 2018, doi: 10.1109/ICIIECS.2017.8276081.
[21] Cryptovision. (2021), “223 billion euros in damage caused by cyberattacks on German companies” https://www.cryptovision.com/en/223-billion-euros-in-damage-caused-by-cyberattacks-on-ger man-companies/”
[22] Da Veiga, A., Martins, N. ( 2015), “Improving the information security culture through monitoring and implementation actions illustrated through a case study,” Computers & Security, vol. 49, pp. 162–176.
[23] Dhanaraj, S., Karthikeyani, V. (2013), "A study on E-mail image spam filtering techniques," 2013 International Conference on Pattern Recognition, Informatics and Mobile Engineering, Salem, pp. 49-55.
[24] Diaz, A., Sherman, A.T., Joshi, A. (2018), “Phishing in an Academic Community: A Study of User Susceptibility and Behavior”, arXiv 2018. arXiv: 1811.06078.
[25] Dojkovski, S., Lichtenstein, S., Warren, M.J.(2007),"Fostering Information Security Culture in Small and Medium Size Enterprises", An Interpretive Study in Australia. In: ECIS. pp. 1560–1571.
[26] Eccles, J.S., Wigfield, A. (2002), "Motivational beliefs, values, and goals [Learning and performance in educational settings]", Annual Review Psychology, 53, 109-132.
[27] Eduardo, B., Fuertes, W., Sanchez, S., Sanchez, M. (2020), “Classification of Phishing Attack Solutions by Employing Deep Learning Techniques”, A Systematic Literature Review”, vol. 152. Springer Singapore.
[28] Eminagaoglu, M., Uçar, E. & Eren, S. (2009),“The positive outcomes of information security awareness training in companies – A case study”, Information Security Tech. Report, Elsevier pp. 223-229.
[29] ENISA. (2019), “Cybersecurity Culture Guidelines: Behavioural Aspects of Cybersecurity”- (2019), https://www.enisa.europa.eu/publications/cybersecurity-cultureguidelines-behavioural-aspects -of-cybersecurity/ (Accessed 11-September-2020)
[30] Fabisiak, L., Hyla, T. (2020), “Measuring cyber security awareness within groups of medical professionals in Poland”, Proceedings of the 53rd Hawaii International Conference on System Sciences, pp. 3871-3880.
[31] Fornell, C. G., Larcker, D. F. (1981), “Evaluating struc-
tural equation models with unobservable variables and measurement error”, Journal of Marketing Research, 18(1), 39–50.
[32] Furnell, S., Thomson, K.L. (2009),” Recognising and addressing ‘security fatigue’”, Computer Fraud & Security 2009(11), 7–11.
[33] Godefroid, P., Peleg, H., Singh, R.(2017),” Learn&Fuzz: Machine learning for input fuzzing”, In: 2017 32nd IEEE/ACM International Conference on Automated Software Engineering (ASE). IEEE; 2017. p. 50–9.
[34] Grieco, G., Grinblat, G.L., Uzal, L., Rawat, S., Feist. J., Mounier, L.(2016),” Toward Large-Scale Vulnerability Discovery using Machine Learning. In: Proceedings of the Sixth ACM Conference on Data and Application Security and Privacy. ACM; 2016. p. 85–96.
[35] Gupta, B., Tewari, Jain, A.K., Agrawal, D. P. (2017),“Fighting against phishing attacks: state of the art and future challenges,” Neural Computing and Applications, vol. 28, no. 12, pp. 3629–3654.
[36] Hadnagy, C. (2018) ,“Social Engineering”, The Science of Human Hacking. Wiley. Hu, H., Wang, G. (2018),”End-to-End Measurements of Email Spoofing Attacks” In USENIX Security Symposium, pages 1095–1112. USENIX Association.
[37] Ifinedo, P. (2014), “Information systems security policy compliance: An empirical study of the effects of socialisation, influence, and cognition,” Inf. Manag., vol. 51, no. 1, pp. 69–79, Jan. 2014.
[38] Iuga, C., Nurse, J.R.C., Erola, A.(2016),"Baiting the hook: factors impacting susceptibility to phishing attacks", Human-centric Computing and Information Sciences 6(1), 8.
[39] Jasper, G., Kathrine, W., Praise, P. M., Rose, A. A., Kalaivani, E. C. (2019),“Variants of phishing attacks and their detection techniques,” Proc. Int. Conf. Trends Electron.
[40] Informatics, ICOEI 2019, no. Icoei, pp. 255–259, 2019, doi: 10.1109/ICOEI.2019.8862697. Jensen, M., Dinger, M., Wright, R., Thatcher, T. (2017), ”Training to mitigate phishing attacks using mindfulness techniques. Journal of Management Information Systems, 34(2):597–626.
[41] Karumbaiah, S., Wright, R.T., Durcikova, A., Jensen, M. L. (2016), “ Phishing training: A preliminary look at the effects of different types of training”, In Proceedings of the 11th Pre-ICIS Workshop on Information Security and Privacy, pages 1–10.
[42] Kunju, M. V., Dainel, E., Anthony, H. C., Bhelwa, S. (2019), “Evaluation of phishing techniques based on machine learning,” 2019 Int. Conf. Intell. Comput. Control Syst. ICCS 2019, no. Iciccs, pp. 963–968, 2019, doi: 10.1109/ICCS45141.2019.9065639.
[43] Liu, P., Moh, T.S. (2016), "Content Based Spam E-mail Filtering," 2016 International Conference on Collaboration Technologies and Systems (CTS), Orlando, FL, pp. 218-224.
[44] Lohmöller, J.-B. (1989),”Latent variable path modeling with partial least squares”, Heidelberg: Physica.
[45] MacCallum, R.C., Browne, M.W., Sugawara, H.M. (1996), “Power Analysis and Determination of Sample Size for Covariance Structure Modeling “, Psychological Methods, 1:130–49.
[46] Marsh & Microsoft. (2018),"By the Numbers: Clobal Cyber Risk Perception Survey", 2018, PwC, Managing risks and enabling growth in the age of innovation. 2018 Risk in Review Study, 2018.
[47] Moul, K. A. (2019),“Avoid phishing traps,” Proc. ACM SIGUCCS User Serv. Conf., no. August 2017, pp. 199–208, 2019, doi: 10.1145/3347709.3347774.
[48] N. Agrawal, N., Singh, S. (2016),"Origin (dynamic blacklisting) based spammer detection and spam mail filtering approach," 2016 Third International Conference on Digital Information Processing, Data Mining, and Wireless Communications (DIPDMWC), Moscow, pp. 99-104.
[49] Nurse, J.R.C. (2018),”Cybercrime and you: How criminals attack and the human factors that they seek to exploit. In: et al., A.S. (ed.) The Oxford Handbook of Cyberpsychology.
[50] Nurse, J.R.C., Creese, S., Goldsmith, M., Lamberts, K. (2011), “Trustworthy and effective communication of cybersecurity risks: A review. In: Workshop on Socio-Technical Aspects in Security and Trust (STAST)”, pp. 60–68. IEEE (2011) 40. OAS: Cybersecurity Awareness Campaign Toolk
[51] Oliveira, D., Rocha, H., Yang, H., Ellis, D., Dommaraju, S., Muradoglu, M., Weir, D., Soliman, A., Lin, T., Ebner, N. (2017),” Dissecting spear phishing emails for older vs young adults: On the interplay of weapons of influence and life domains in predicting susceptibility to phishing”, In Conference on Human Factors in Computing Systems, page 6412–6424. ACM.
[52] Pienta, D., Tams, S. & Thatcher, J.B. (2020),“Can Trust be Trusted in Cybersecurity?”, Proceedings of the 53rd Hawaii International Conference on System Sciences pp 4264-4273.
[53] Rajpal, M., Blum, W., Singh, R. (2017),” Not all bytes are equal: Neural byte sieve for fuzzing”-; 2017 Nov 9; 1–10.
[54] Rastenis, J., Ramanauskaite, S., Janulevicius, J., ? Cenys, A., ? Slotkiene, A., Pakrijauskas, K. (2020), “E-mail-based phishing attack taxonomy,” Appl. Sci., vol. 10, no. 7, pp. 1–15, 2020, doi: 10.3390/app10072363.
[55] Santos-Olmo, A., S´anchez, L., Caballero, I., Camacho, S., Fernandez-Medina, E.(2016),"The importance of the security culture in smes as regards the correct management of the security of their assets", Future Internet 8(3), 30.
[56] Shahri, A. B., Ismail, Z., Rahim, N. Z. A. B . (2012), “Security effectiveness in health information system: through improving the human factors by education and training”, Australian Journal of Basic and Applied Sciences, 6, 226-233.
[57] Sharma, A. K., Yadav, R. (2015), "Spam Mails Filtering Using Different Classifiers with Feature Selection and Reduction Technique," 2015 Fifth International Conference on Communication Systems and Network Technologies, Gwalior, pp. 1089-1093.
[58] She, D., Pei, K., Epstein, D., Yang, J., Ray, B., Jana, S. (2019),”NEUZZ: Efficient Fuzzing with Neural Program Smoothing”, IEEE Symposium on Security & Privacy; 2019, 89(46). p. 38.
[59] Sohrabi, N., Von Solms, R., Furnell, S., Elizabeth, P., and Africa, S. (2016), “Information security policy compliance model in organisations,” Comput. Secur., vol. 56, pp. 1–13.
[60] Stewart, H. (2020), “Information Technology and Cyber Security Unplugged”: The interrelationship between Human Technology and Cyber Crime Today (English Edition), Rohhat LTD” 2020.
[61] Stewart, H., and Jürjens, J. (2017), "Information security management and the human aspect in organizations", Information & Computer Security, vol. 25, no. 5, pp. 494–534. https://doi.org/10.1108/ICS-07-2016-0054
[62] Stewart, H. (2021), "The hindrance of cloud computing acceptance within the financial sectors in Germany", Information and Computer Security, Vol. ahead-of-print No. ahead-of-print. https://doi.org/10.1108/ICS-01-2021-0002
[63] Stewart, H. and Jürjens, J. (2018), "Data security and consumer trust in FinTech innovation in Germany", Information and Computer Security, Vol. 26 No. 1, pp. 109-128. https://doi.org/10.1108/ICS-06-2017-0039
[64] Tandale, K.D., Pawar, S.N. (2020),"Different Types of Phishing Attacks and Detection Techniques: A Review." 2020 International Conference on Smart Innovations in Design, Environment, Management, Planning and Computing (ICSIDEMPC). IEEE, 2020.
[65] Tawileh, A., Hilton, J., McIntosh, S. (2007),"Managing information security in small and medium sized enterprises: A holistic approach", In: ISSE/SECURE 2007 Securing Electronic Business Processes, pp. 331–339. Springer.
[66] Teixeira da Silva, J., Alkhatib, A., Tsigaris, P. (2020),” Spam emails in academia”, Issues and costs. Scientometrics 2020, 122, 1171–1181.
[67] Tewari, A., Jain, A.K., Gupta, B .B. (2016), “Recent survey of various defense mechanisms against phishing attacks,” Journal of Information Privacy and Security, vol. 12, no. 1, pp. 3–13.
[68] Thomas, J. (2018),“Individual Cyber Security: Empowering Employees to Resist Spear Phishin to Prevent Identity Theft and Ransomware Attacks”, International
Journal of Business and Management, Canadian Center of Science and Education, Richmond Hill, pp. 1-24.
[69] Thomas, J., Raj, N. S.,Vinod, P. (2014),"Towards filtering spam mails using dimensionality reduction methods," 2014 5th International Conference - Confluence The Next Generation Information Technology Summit (Confluence), Noida, pp. 163-168.
[70] Tsai, W.C., Tai, W.T.(2003)",Perceived importance as a mediator of the relationship between training assignment and training motivation", Personnel Review, 32(1/2), 151-163.
[71] Vance, A., Jenkins,J.L., Anderson, B.B., Bjornn, D.K., Kirwan, C.B. (2018), “Tuning out security warnings: A longitudinal examination of habituation through fMRI, eye tracking, and field experiments”, MIS Quarterly, Management Information Systems Research Center, Minneapolis, pp. 355-380.
[72] Vyas, T., Prajapati, P., Gadhwal, S. (2015), "A survey and evaluation of supervised machine learning techniques for spam e-mail filtering," 2015 IEEE International Conference on Electrical, Computer and Communication Technologies (ICECCT), Coimbatore, pp. 1-7.
[73] Wang, J., Chen, B., Wei, L., Liu, Y. (2017),”Skyfire: Data-Driven Seed Generation for Fuzzing”, In: 2017 IEEE Symposium on Security and Privacy (SP). IEEE; 2017. p. 579–94.
[74] Wang, Y., Liu, Y., Wu, T., Duncan, I.(2020), “A Cost-Effective OCRImplementation to Prevent Phishing on Mobile Platforms,” Int. Conf.Cyber Secur. Prot. Digit. Serv. Cyber Secur. 2020, 2020, doi:10.1109/CyberSecurity 49315.2020.9138873.
[75] Wash, R., Cooper, M. M. (2018), “Who Provides Phishing Training? Facts, Stories, and People Like Me”, In Conference on Human Factors in Computing Systems, page 1–12. ACM.
[76] Wiederhold, B.K. (2014), “The role of Psychology in Enhancing Cybersecurity”, Cyberpsychology, Behavior and Social Networking, Mary Ann Liebert Inc. Publishers, New Rochelle, pp. 1-2.
[77] Wold, H. (1982),” Soft modeling: the basic design and some extensions”, In K. G. Jöreskog & H. Wold (Eds.), Systems under indirect observations: part II (pp. 1–54). Amsterdam: North-Holland.
[78] Wright, P. G. (1928),”The tariff on animal and vegetable oils”, 347 pp. The Macmillan Co., New York. Wright, S., 1918-On the nature of size factors. Genetics 3: 367-374.
[79] Wu, F., Wang, J., Liu, J., Wang, W. (2017),”Vulnerability detection with deep learning”,, In: 2017 3rd IEEE International Conference on Computer and Communications (ICCC); 2017. p. 1298–302. |