Gophish: Implementing a Real-World Phishing Exercise to Teach Social Engineering

Gophish: Implementing a Real-World Phishing Exercise to Teach Social Engineering

Social engineering is a large problem in our modern technological world, but while conceptually understood, it is harder to teach compared to traditional pen testing techniques. This research details a class project where students implemented a phishing exercise against real-world targets. Through c...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Veröffentlicht in:Journal of cybersecurity education, research & practice research & practice, 2021-01, Vol.2020 (2)
Hauptverfasser: Luse, Andy, Burkman, Jim
Format: Artikel
Sprache:eng
Schlagworte:
Computer Science Education
Computer Security
Deception
Electronic Mail
Experiential Learning
Information Security
Internet
School Business Relationship
Skill Development
Student Projects
Students
Online-Zugang:Volltext
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
container_end_page
container_issue 2
container_start_page
container_title Journal of cybersecurity education, research & practice
container_volume 2020
creator Luse, Andy
Burkman, Jim
description Social engineering is a large problem in our modern technological world, but while conceptually understood, it is harder to teach compared to traditional pen testing techniques. This research details a class project where students implemented a phishing exercise against real-world targets. Through cooperation with an external corporate partner, students learned the legal, technical, behavioral, analysis, and reporting aspects of social engineering. The outcome provided both usable data for a real-world corporation as well as valuable educational experience for the students.
doi_str_mv 10.62915/2472-2707.1072
format Article
fullrecord <record><control><sourceid>eric_cross</sourceid><recordid>TN_cdi_eric_primary_EJ1343203</recordid><sourceformat>XML</sourceformat><sourcesystem>PC</sourcesystem><ericid>EJ1343203</ericid><sourcerecordid>EJ1343203</sourcerecordid><originalsourceid>FETCH-LOGICAL-c1032-fb4275d94cf674462aea0698da21bb32f6528047839fc438d0f24cea327a2faf3</originalsourceid><addsrcrecordid>eNpNkF1LwzAUhoMoOOauvRLyB7qdnKRN652MOicDh068DGmarJV-jGQX-u9tnQyvzuF9H86Bh5BbBvMEMxYvUEiMUIKcM5B4QSbn4PLffk1mIXwCAMYMOYgJ2a76Q1WH6p6u20NjW9sd625PNX21uok-et-UdDsCY5p_WW_qYOmxpzurTUXfelPrhubdvu6s9QN0Q66cboKd_c0peX_Md8unaPOyWi8fNpFhwDFyhUAZl5kwLpFCJKithiRLS42sKDi6JMYUhEx55ozgaQkOhbGao9TotONTcne6O3w16uDrVvtvlT8zLjgCH_rFqTe-D8Fbd2YYqF9natSiRi1qdMZ_AAYqXFc</addsrcrecordid><sourcetype>Open Access Repository</sourcetype><iscdi>true</iscdi><recordtype>article</recordtype></control><display><type>article</type><title>Gophish: Implementing a Real-World Phishing Exercise to Teach Social Engineering</title><source>ERIC - Full Text Only (Discovery)</source><source>DOAJ Directory of Open Access Journals</source><creator>Luse, Andy ; Burkman, Jim</creator><creatorcontrib>Luse, Andy ; Burkman, Jim</creatorcontrib><description>Social engineering is a large problem in our modern technological world, but while conceptually understood, it is harder to teach compared to traditional pen testing techniques. This research details a class project where students implemented a phishing exercise against real-world targets. Through cooperation with an external corporate partner, students learned the legal, technical, behavioral, analysis, and reporting aspects of social engineering. The outcome provided both usable data for a real-world corporation as well as valuable educational experience for the students.</description><identifier>ISSN: 2472-2707</identifier><identifier>EISSN: 2472-2707</identifier><identifier>DOI: 10.62915/2472-2707.1072</identifier><language>eng</language><publisher>Kennesaw State University</publisher><subject>Computer Science Education ; Computer Security ; Deception ; Electronic Mail ; Experiential Learning ; Information Security ; Internet ; School Business Relationship ; Skill Development ; Student Projects ; Students</subject><ispartof>Journal of cybersecurity education, research &amp; practice, 2021-01, Vol.2020 (2)</ispartof><lds50>peer_reviewed</lds50><oa>free_for_read</oa><woscitedreferencessubscribed>false</woscitedreferencessubscribed></display><links><openurl>$$Topenurl_article</openurl><openurlfulltext>$$Topenurlfull_article</openurlfulltext><thumbnail>$$Tsyndetics_thumb_exl</thumbnail><link.rule.ids>230,314,687,776,780,860,881,27901,27902</link.rule.ids><backlink>$$Uhttp://eric.ed.gov/ERICWebPortal/detail?accno=EJ1343203$$DView record in ERIC$$Hfree_for_read</backlink></links><search><creatorcontrib>Luse, Andy</creatorcontrib><creatorcontrib>Burkman, Jim</creatorcontrib><title>Gophish: Implementing a Real-World Phishing Exercise to Teach Social Engineering</title><title>Journal of cybersecurity education, research &amp; practice</title><description>Social engineering is a large problem in our modern technological world, but while conceptually understood, it is harder to teach compared to traditional pen testing techniques. This research details a class project where students implemented a phishing exercise against real-world targets. Through cooperation with an external corporate partner, students learned the legal, technical, behavioral, analysis, and reporting aspects of social engineering. The outcome provided both usable data for a real-world corporation as well as valuable educational experience for the students.</description><subject>Computer Science Education</subject><subject>Computer Security</subject><subject>Deception</subject><subject>Electronic Mail</subject><subject>Experiential Learning</subject><subject>Information Security</subject><subject>Internet</subject><subject>School Business Relationship</subject><subject>Skill Development</subject><subject>Student Projects</subject><subject>Students</subject><issn>2472-2707</issn><issn>2472-2707</issn><fulltext>true</fulltext><rsrctype>article</rsrctype><creationdate>2021</creationdate><recordtype>article</recordtype><sourceid>GA5</sourceid><recordid>eNpNkF1LwzAUhoMoOOauvRLyB7qdnKRN652MOicDh068DGmarJV-jGQX-u9tnQyvzuF9H86Bh5BbBvMEMxYvUEiMUIKcM5B4QSbn4PLffk1mIXwCAMYMOYgJ2a76Q1WH6p6u20NjW9sd625PNX21uok-et-UdDsCY5p_WW_qYOmxpzurTUXfelPrhubdvu6s9QN0Q66cboKd_c0peX_Md8unaPOyWi8fNpFhwDFyhUAZl5kwLpFCJKithiRLS42sKDi6JMYUhEx55ozgaQkOhbGao9TotONTcne6O3w16uDrVvtvlT8zLjgCH_rFqTe-D8Fbd2YYqF9natSiRi1qdMZ_AAYqXFc</recordid><startdate>20210111</startdate><enddate>20210111</enddate><creator>Luse, Andy</creator><creator>Burkman, Jim</creator><general>Kennesaw State University</general><scope>AAYXX</scope><scope>CITATION</scope><scope>ERI</scope><scope>GA5</scope></search><sort><creationdate>20210111</creationdate><title>Gophish: Implementing a Real-World Phishing Exercise to Teach Social Engineering</title><author>Luse, Andy ; Burkman, Jim</author></sort><facets><frbrtype>5</frbrtype><frbrgroupid>cdi_FETCH-LOGICAL-c1032-fb4275d94cf674462aea0698da21bb32f6528047839fc438d0f24cea327a2faf3</frbrgroupid><rsrctype>articles</rsrctype><prefilter>articles</prefilter><language>eng</language><creationdate>2021</creationdate><topic>Computer Science Education</topic><topic>Computer Security</topic><topic>Deception</topic><topic>Electronic Mail</topic><topic>Experiential Learning</topic><topic>Information Security</topic><topic>Internet</topic><topic>School Business Relationship</topic><topic>Skill Development</topic><topic>Student Projects</topic><topic>Students</topic><toplevel>peer_reviewed</toplevel><toplevel>online_resources</toplevel><creatorcontrib>Luse, Andy</creatorcontrib><creatorcontrib>Burkman, Jim</creatorcontrib><collection>CrossRef</collection><collection>ERIC</collection><collection>ERIC - Full Text Only (Discovery)</collection><jtitle>Journal of cybersecurity education, research &amp; practice</jtitle></facets><delivery><delcategory>Remote Search Resource</delcategory><fulltext>fulltext</fulltext></delivery><addata><au>Luse, Andy</au><au>Burkman, Jim</au><format>journal</format><genre>article</genre><ristype>JOUR</ristype><ericid>EJ1343203</ericid><atitle>Gophish: Implementing a Real-World Phishing Exercise to Teach Social Engineering</atitle><jtitle>Journal of cybersecurity education, research &amp; practice</jtitle><date>2021-01-11</date><risdate>2021</risdate><volume>2020</volume><issue>2</issue><issn>2472-2707</issn><eissn>2472-2707</eissn><abstract>Social engineering is a large problem in our modern technological world, but while conceptually understood, it is harder to teach compared to traditional pen testing techniques. This research details a class project where students implemented a phishing exercise against real-world targets. Through cooperation with an external corporate partner, students learned the legal, technical, behavioral, analysis, and reporting aspects of social engineering. The outcome provided both usable data for a real-world corporation as well as valuable educational experience for the students.</abstract><pub>Kennesaw State University</pub><doi>10.62915/2472-2707.1072</doi><tpages>13</tpages><oa>free_for_read</oa></addata></record>
fulltext fulltext
identifier ISSN: 2472-2707
ispartof Journal of cybersecurity education, research & practice, 2021-01, Vol.2020 (2)
issn 2472-2707
2472-2707
language eng
recordid cdi_eric_primary_EJ1343203
source ERIC - Full Text Only (Discovery); DOAJ Directory of Open Access Journals
subjects Computer Science Education
Computer Security
Deception
Electronic Mail
Experiential Learning
Information Security
Internet
School Business Relationship
Skill Development
Student Projects
Students
title Gophish: Implementing a Real-World Phishing Exercise to Teach Social Engineering
url https://sfx.bib-bvb.de/sfx_tum?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2025-02-10T22%3A09%3A58IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-eric_cross&rft_val_fmt=info:ofi/fmt:kev:mtx:journal&rft.genre=article&rft.atitle=Gophish:%20Implementing%20a%20Real-World%20Phishing%20Exercise%20to%20Teach%20Social%20Engineering&rft.jtitle=Journal%20of%20cybersecurity%20education,%20research%20&%20practice&rft.au=Luse,%20Andy&rft.date=2021-01-11&rft.volume=2020&rft.issue=2&rft.issn=2472-2707&rft.eissn=2472-2707&rft_id=info:doi/10.62915/2472-2707.1072&rft_dat=%3Ceric_cross%3EEJ1343203%3C/eric_cross%3E%3Curl%3E%3C/url%3E&disable_directlink=true&sfx.directlink=off&sfx.report_link=0&rft_id=info:oai/&rft_id=info:pmid/&rft_ericid=EJ1343203&rfr_iscdi=true