Gophish: Implementing a Real-World Phishing Exercise to Teach Social Engineering

Gophish: Implementing a Real-World Phishing Exercise to Teach Social Engineering

Social engineering is a large problem in our modern technological world, but while conceptually understood, it is harder to teach compared to traditional pen testing techniques. This research details a class project where students implemented a phishing exercise against real-world targets. Through c...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Veröffentlicht in:Journal of cybersecurity education, research & practice research & practice, 2021-01, Vol.2020 (2)
Hauptverfasser: Luse, Andy, Burkman, Jim
Format: Artikel
Sprache:eng
Schlagworte:
Computer Science Education
Computer Security
Deception
Electronic Mail
Experiential Learning
Information Security
Internet
School Business Relationship
Skill Development
Student Projects
Students
Online-Zugang:Volltext
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:Social engineering is a large problem in our modern technological world, but while conceptually understood, it is harder to teach compared to traditional pen testing techniques. This research details a class project where students implemented a phishing exercise against real-world targets. Through cooperation with an external corporate partner, students learned the legal, technical, behavioral, analysis, and reporting aspects of social engineering. The outcome provided both usable data for a real-world corporation as well as valuable educational experience for the students.
ISSN:2472-2707
2472-2707
DOI:10.62915/2472-2707.1072