Cybersecurity: No Phishing Allowed

Phishing is a popular strategy for hackers to acquire sensitive information from individuals and businesses. A common form of phishing takes place through emails and many adults who are frequent email users do not have prior knowledge of or experience with phishing scams. This negatively impacts their ability to distinguish between real and fraudulent emails, leaving them at a greater risk of becoming victims of phishing scams. To address this problem, a learning module on phishing scams was developed to provide adults with background information about phishing, teach them how to detect common scam cues, and provide them with an opportunity to practice distinguishing real and fraudulent emails in a no-risk environment.

The self-paced online instructional module was developed through Wix and Genially, and guided by Keller’s ARCS Model of Motivation. To evaluate the module, a usability study was conducted through synchronous interviews (n = 3) and an asynchronous learning effectiveness study (n = 17). The usability study revealed a need for improvement in parts of the module’s navigation as well as the overall visual design. At the conclusion of the learning effectiveness study, the module received positive comments from participants regarding the interactivity, ease of use, and overall learning experience. The study showed an average increase of 25 percentage points between the pre and post assessments. The results suggest that learners were able to gain a better understanding of phishing emails and improve their abilities to distinguish them, suggesting this module may be applicable to a wider audience.