Author(s) :

Hareni Srikanth, Kavi Swetha S, Imaya Subash A D

Conference Name :

International Conference on Recent Trends in Computing & Communication Technologies (ICRCCT’2K24)

Abstract :

Phishing attacks represent a significant cybersecurity threat, often exploiting human error to gain unauthorized access to sensitive information. This paper explores an educational approach to mitigating phishing risks by simulating a controlled phishing attack within a corporate environment. A fake e commerce site, designed to mimic real world phishing schemes, was developed and used in conjunction with the open source phishing framework GoPhish. Through targeted email campaigns, employees were prompted to interact with this site, allowing for the monitoring and analysis of their responses to phishing attempts. By capturing engagement metrics such as click through rates and data submission, we were able to evaluate employee susceptibility to phishing tactics in a risk free setting. This controlled simulation not only demonstrates the tactics used in phishing attacks but also reinforces cybersecurity best practices and strengthens employee awareness. The findings underscore the importance of proactive security education, revealing key areas for improvement in cybersecurity awareness and enabling the development of effective prevention measures.

No. of Downloads :

2