{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,4,28]],"date-time":"2026-04-28T01:22:44Z","timestamp":1777339364828,"version":"3.51.4"},"publisher-location":"New York, NY, USA","reference-count":55,"publisher":"ACM","license":[{"start":{"date-parts":[[2024,9,30]],"date-time":"2024-09-30T00:00:00Z","timestamp":1727654400000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2024,9,30]]},"DOI":"10.1145\/3688459.3688460","type":"proceedings-article","created":{"date-parts":[[2024,11,20]],"date-time":"2024-11-20T08:31:55Z","timestamp":1732091515000},"page":"1-14","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":10,"title":["You Know What? - Evaluation of a Personalised Phishing Training Based on Users' Phishing Knowledge and Detection Skills"],"prefix":"10.1145","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-9483-617X","authenticated-orcid":false,"given":"Lorin","family":"Sch\u00f6ni","sequence":"first","affiliation":[{"name":"Security, Privacy and Society, ETH Zurich, Zurich, Switzerland,"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0009-0003-2149-7132","authenticated-orcid":false,"given":"Victor","family":"Carles","sequence":"additional","affiliation":[{"name":"Security, Privacy and Society, ETH Zurich, Zurich, Switzerland,"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-1936-0933","authenticated-orcid":false,"given":"Martin","family":"Strohmeier","sequence":"additional","affiliation":[{"name":"Cyber-Defence Campus, armasuisse, Thun, Switzerland,"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-6267-4874","authenticated-orcid":false,"given":"Peter","family":"Mayer","sequence":"additional","affiliation":[{"name":"Department of Mathematics and Computer Science, University of Southern Denmark, Odense, Denmark and SECUSO, Karlsruhe Institute of Technology, Odense, Germany,"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-6873-8146","authenticated-orcid":false,"given":"Verena","family":"Zimmermann","sequence":"additional","affiliation":[{"name":"Security, Privacy and Society, ETH Zurich, Zurich, Switzerland,"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"320","published-online":{"date-parts":[[2024,11,20]]},"reference":[{"key":"e_1_3_3_2_2_2","doi-asserted-by":"publisher","unstructured":"Hussain Aldawood and Geoffrey Skinner. 2019. Reviewing Cyber Security Social Engineering Training and Awareness Programs\u2014Pitfalls and Ongoing Issues. Future Internet 11 3 (March 2019) 73. 10.3390\/fi11030073","DOI":"10.3390\/fi11030073"},{"key":"e_1_3_3_2_3_2","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-031-38530-8_12"},{"key":"e_1_3_3_2_4_2","volume-title":"Ethical principles of psychologists and code of conduct","year":"2017","unstructured":"APA. 2017. Ethical principles of psychologists and code of conduct. https:\/\/www.apa.org\/ethics\/code"},{"key":"e_1_3_3_2_5_2","unstructured":"APWG. 2023. Phishing Activity Trends Report 1st Quarter 2023. https:\/\/docs.apwg.org\/reports\/apwg_trends_report_q1_2023.pdf"},{"key":"e_1_3_3_2_6_2","doi-asserted-by":"publisher","DOI":"10.14236\/ewic\/HCI2012.69"},{"key":"e_1_3_3_2_7_2","doi-asserted-by":"publisher","unstructured":"Yoav Benjamini and Yosef Hochberg. 1995. Controlling the False Discovery Rate: A Practical and Powerful Approach to Multiple Testing. Journal of the Royal Statistical Society: Series B (Methodological) 57 1 (1995) 289\u2013300. 10.1111\/j.2517-6161.1995.tb02031.x","DOI":"10.1111\/j.2517-6161.1995.tb02031.x"},{"key":"e_1_3_3_2_8_2","doi-asserted-by":"publisher","unstructured":"Benjamin\u00a0M. Berens Mattia Mossano and Melanie Volkamer. 2024. Taking 5 minutes protects you for 5 months: Evaluating an anti-phishing awareness video. Computers & Security 137 (Feb. 2024) 103620. 10.1016\/j.cose.2023.103620 https:\/\/dl.acm.org\/doi\/10.1016\/j.cose.2023.103620","DOI":"10.1016\/j.cose.2023.103620"},{"key":"e_1_3_3_2_9_2","unstructured":"Marcus Beyer Sarah Ahmed Katja Doerlemann Simon Arnell Simon Parkin Angela Sasse and Neil Passingham. 2016. Awareness is only the first step: A framework for progressive engagement of staff in cyber security."},{"key":"e_1_3_3_2_10_2","doi-asserted-by":"publisher","unstructured":"Patrick\u00a0D Bridge and Shlomo\u00a0S Sawilowsky. 1999. Increasing Physicians\u2019 Awareness of the Impact of Statistics on Research Outcomes: Comparative Power of the t-test and Wilcoxon Rank-Sum Test in Small Samples Applied Research. Journal of Clinical Epidemiology 52 3 (1999) 229\u2013235. 10.1016\/S0895-4356(98)00168-1","DOI":"10.1016\/S0895-4356(98)00168-1"},{"key":"e_1_3_3_2_11_2","doi-asserted-by":"publisher","unstructured":"Deanna\u00a0D. Caputo Shari\u00a0Lawrence Pfleeger Jesse\u00a0D. Freeman and M.\u00a0Eric Johnson. 2014. Going Spear Phishing: Exploring Embedded Training and Awareness. IEEE Security & Privacy 12 1 (2014) 28\u201338. 10.1109\/MSP.2013.106","DOI":"10.1109\/MSP.2013.106"},{"key":"e_1_3_3_2_12_2","doi-asserted-by":"publisher","unstructured":"Sherry\u00a0Y. Chen and Jen-Han Wang. 2021. Individual differences and personalized learning: a review and appraisal. Universal Access in the Information Society 20 4 (Nov. 2021) 833\u2013849. 10.1007\/s10209-020-00753-4 https:\/\/dl.acm.org\/doi\/10.1007\/s10209-020-00753-4","DOI":"10.1007\/s10209-020-00753-4"},{"key":"e_1_3_3_2_13_2","doi-asserted-by":"publisher","unstructured":"Nabin Chowdhury and Vasileios Gkioulos. 2021. Cyber security training for critical infrastructure protection: A literature review. Computer Science Review 40 (2021) 100361. 10.1016\/j.cosrev.2021.100361 https:\/\/dl.acm.org\/doi\/10.1016\/j.cosrev.2021.100361","DOI":"10.1016\/j.cosrev.2021.100361"},{"key":"e_1_3_3_2_14_2","doi-asserted-by":"publisher","DOI":"10.1145\/1357054.1357219"},{"key":"e_1_3_3_2_15_2","doi-asserted-by":"publisher","unstructured":"Cori Faklaris Laura Dabbish and Jason\u00a0I. Hong. 2022. Do They Accept or Resist Cybersecurity Measures? Development and Validation of the 13-Item Security Attitude Inventory (SA-13). 10.48550\/arXiv.2204.03114","DOI":"10.48550\/arXiv.2204.03114"},{"key":"e_1_3_3_2_16_2","doi-asserted-by":"publisher","unstructured":"Rida\u00a0Indah Fariani Kasiyah Junus and Harry\u00a0Budi Santoso. 2023. A Systematic Literature Review on Personalised Learning in the Higher Education Context. Technology Knowledge and Learning 28 2 (June 2023) 449\u2013476. 10.1007\/s10758-022-09628-4","DOI":"10.1007\/s10758-022-09628-4"},{"key":"e_1_3_3_2_17_2","unstructured":"Anjuli Franz Verena Zimmermann Gregor Albrecht Katrin Hartwig Christian Reuter Alexander Benlian and Joachim Vogt. 2021. SoK: Still Plenty of Phish in the Sea - A Taxonomy of User-Oriented Phishing Interventions and Avenues for Future Research. USENIX Association Berkeley CA USA 358. https:\/\/www.usenix.org\/conference\/soups2021\/presentation\/franz"},{"key":"e_1_3_3_2_18_2","doi-asserted-by":"publisher","unstructured":"Edwin\u00a0Donald Frauenstein and Stephen Flowerday. 2020. Susceptibility to phishing on social network sites: A personality information processing model. Computers & Security 94 (2020) 101862. 10.1016\/j.cose.2020.101862","DOI":"10.1016\/j.cose.2020.101862"},{"key":"e_1_3_3_2_19_2","doi-asserted-by":"publisher","unstructured":"Thomas Gro\u00df. 2021-04-01. Validity and Reliability of the Scale Internet Users\u2019 Information Privacy Concerns (IUIPC). Proceedings on Privacy Enhancing Technologies 2021 2 (2021-04-01) 235\u2013258. 10.2478\/popets-2021-0026","DOI":"10.2478\/popets-2021-0026"},{"key":"e_1_3_3_2_20_2","doi-asserted-by":"publisher","unstructured":"Andrew\u00a0F. Hayes and Jacob\u00a0J. Coutts. 2020. Use Omega Rather than Cronbach\u2019s Alpha for Estimating Reliability. But\u2026. Communication Methods and Measures 14 1 (Jan. 2020) 1\u201324. 10.1080\/19312458.2020.1718629","DOI":"10.1080\/19312458.2020.1718629"},{"key":"e_1_3_3_2_21_2","doi-asserted-by":"publisher","unstructured":"Wu He and Zuopeng Zhang. 2019. Enterprise cybersecurity training and awareness programs: Recommendations for success. Journal of Organizational Computing and Electronic Commerce 29 4 (2019) 249\u2013257. 10.1080\/10919392.2019.1611528","DOI":"10.1080\/10919392.2019.1611528"},{"key":"e_1_3_3_2_22_2","doi-asserted-by":"publisher","DOI":"10.1145\/3498891.3498902"},{"key":"e_1_3_3_2_23_2","volume-title":"Nonparametric statistical methods","author":"Hollander Myles","year":"1973","unstructured":"Myles Hollander and Douglas\u00a0A. Wolfe. 1973. Nonparametric statistical methods. Wiley New York, New York."},{"key":"e_1_3_3_2_24_2","unstructured":"Shiu-Li Huang and Jung-Hung Shiu. 2012. A User-Centric Adaptive Learning System for E-Learning 2.0. Journal of Educational Technology & Society 15 3 (2012) 214\u2013225. https:\/\/www.jstor.org\/stable\/jeductechsoci.15.3.214"},{"key":"e_1_3_3_2_25_2","doi-asserted-by":"publisher","DOI":"10.1109\/DEXA.2014.71"},{"key":"e_1_3_3_2_26_2","doi-asserted-by":"publisher","unstructured":"Daniel Jampen G\u00fcrkan G\u00fcr Thomas Sutter and Bernhard Tellenbach. 2020. Don\u2019t click: towards an effective anti-phishing training. A comparative literature review. Human-centric Computing and Information Sciences 10 1 (2020) 33. 10.1186\/s13673-020-00237-7 https:\/\/dl.acm.org\/doi\/10.1186\/s13673-020-00237-7","DOI":"10.1186\/s13673-020-00237-7"},{"key":"e_1_3_3_2_27_2","doi-asserted-by":"publisher","unstructured":"Matthew\u00a0L. Jensen Michael Dinger Ryan\u00a0T. Wright and Jason\u00a0Bennett Thatcher. 2017. Training to Mitigate Phishing Attacks Using Mindfulness Techniques. Journal of Management Information Systems 34 2 (April 2017) 597\u2013626. 10.1080\/07421222.2017.1334499","DOI":"10.1080\/07421222.2017.1334499"},{"key":"e_1_3_3_2_28_2","doi-asserted-by":"publisher","unstructured":"Aleksandra Kla\u0161nja-Mili\u0107evi\u0107 Boban Vesin Mirjana Ivanovi\u0107 and Zoran Budimac. 2011. E-Learning personalization based on hybrid recommendation strategy and learning style identification. Computers & Education 56 3 (April 2011) 885\u2013899. 10.1016\/j.compedu.2010.11.001 https:\/\/dl.acm.org\/doi\/10.1016\/j.compedu.2010.11.001","DOI":"10.1016\/j.compedu.2010.11.001"},{"key":"e_1_3_3_2_29_2","doi-asserted-by":"publisher","DOI":"10.1145\/1572532.1572536"},{"key":"e_1_3_3_2_30_2","doi-asserted-by":"publisher","unstructured":"Ponnurangam Kumaraguru Steve Sheng Alessandro Acquisti Lorrie\u00a0Faith Cranor and Jason Hong. 2010. Teaching Johnny not to fall for phish. ACM Transactions on Internet Technology 10 2 (2010) 1\u201331. 10.1145\/1754393.1754396 https:\/\/dl.acm.org\/doi\/10.1145\/1754393.1754396","DOI":"10.1145\/1754393.1754396"},{"key":"e_1_3_3_2_31_2","doi-asserted-by":"publisher","DOI":"10.1109\/sp46214.2022.9833766"},{"key":"e_1_3_3_2_32_2","doi-asserted-by":"publisher","DOI":"10.1109\/COMPSAC51774.2021.00192"},{"key":"e_1_3_3_2_33_2","doi-asserted-by":"publisher","unstructured":"Naresh\u00a0K. Malhotra Sung\u00a0S. Kim and James Agarwal. 2004. Internet users\u2019 information privacy concerns (IUIPC): The construct the scale and a causal model. Information Systems Research 15 4 (2004) 336\u2013355. 10.1287\/isre.1040.0032Place: US Publisher: Institute for Operations Research & the Management Sciences (INFORMS). https:\/\/dl.acm.org\/doi\/10.1287\/isre.1040.0032","DOI":"10.1287\/isre.1040.0032"},{"key":"e_1_3_3_2_34_2","doi-asserted-by":"publisher","unstructured":"Camila\u00a0Paola Malkewitz Philipp Schwall Christian Meesters and Jochen Hardt. 2023. Estimating reliability: A comparison of Cronbach\u2019s \u03b1 McDonald\u2019s \u03c9t and the greatest lower bound. Social Sciences & Humanities Open 7 1 (Jan. 2023) 100368. 10.1016\/j.ssaho.2022.100368","DOI":"10.1016\/j.ssaho.2022.100368"},{"key":"e_1_3_3_2_35_2","doi-asserted-by":"publisher","unstructured":"R.\u00a0R. McCrae and O.\u00a0P. John. 1992. An introduction to the five-factor model and its applications. Journal of Personality 60 2 (June 1992) 175\u2013215. 10.1111\/j.1467-6494.1992.tb00970.x","DOI":"10.1111\/j.1467-6494.1992.tb00970.x"},{"key":"e_1_3_3_2_36_2","doi-asserted-by":"publisher","unstructured":"Alexis\u00a0R. Neigel Victoria\u00a0L. Claypoole Grace\u00a0E. Waldfogle Subrata Acharya and Gabriella\u00a0M. Hancock. 2020. Holistic cyber hygiene education: Accounting for the human factors. Computers & Security 92 (2020) 101731. 10.1016\/j.cose.2020.101731","DOI":"10.1016\/j.cose.2020.101731"},{"key":"e_1_3_3_2_37_2","doi-asserted-by":"publisher","unstructured":"Kathryn Parsons Dragana Calic Malcolm Pattinson Marcus Butavicius Agata McCormac and Tara Zwaans. 2017. The Human Aspects of Information Security Questionnaire (HAIS-Q): Two further validation studies. Computers & Security 66 (2017) 40\u201351. 10.1016\/j.cose.2017.01.004 https:\/\/dl.acm.org\/doi\/10.1016\/j.cose.2017.01.004","DOI":"10.1016\/j.cose.2017.01.004"},{"key":"e_1_3_3_2_38_2","doi-asserted-by":"publisher","unstructured":"Robert\u00a0A. Peterson. 1994. A Meta-analysis of Cronbach\u2019s Coefficient Alpha. Journal of Consumer Research 21 2 (Sept. 1994) 381\u2013391. 10.1086\/209405","DOI":"10.1086\/209405"},{"key":"e_1_3_3_2_39_2","doi-asserted-by":"publisher","unstructured":"Beatrice Rammstedt Christoph\u00a0J. Kemper Mira\u00a0C\u00e9line Klein Constanze Beierlein and Anastassiya Kovaleva. 2013. A Short Scale for Assessing the Big Five Dimensions of Personality: 10 Item Big Five Inventory (BFI-10). methods data analyses 7 2 (2013) 17. 10.12758\/mda.2013.013","DOI":"10.12758\/mda.2013.013"},{"key":"e_1_3_3_2_40_2","unstructured":"Benjamin Reinheimer Lukas Aldag Peter Mayer Mattia Mossano Reyhan Duezguen Bettina Lofthouse Tatiana\u00a0von Landesberger and Melanie Volkamer. 2020. An investigation of phishing awareness and education over time: When and how to best remind users. Usenix Berkeley CA USA 259\u2013284. https:\/\/www.usenix.org\/conference\/soups2020\/presentation\/reinheimer"},{"key":"e_1_3_3_2_41_2","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-08506-7_13"},{"key":"e_1_3_3_2_42_2","doi-asserted-by":"publisher","unstructured":"Liliana Ribeiro In\u00eas\u00a0Sousa Guedes and Carla\u00a0Sofia Cardoso. 2024. Which factors predict susceptibility to phishing? An empirical study. Computers & Security 136 (Jan. 2024) 103558. 10.1016\/j.cose.2023.103558 https:\/\/dl.acm.org\/doi\/10.1016\/j.cose.2023.103558","DOI":"10.1016\/j.cose.2023.103558"},{"key":"e_1_3_3_2_43_2","doi-asserted-by":"publisher","unstructured":"Dawn\u00a0M. Sarno Maggie\u00a0W. Harris and Jeffrey Black. 2023. Which phish is captured in the net? Understanding phishing susceptibility and individual differences. Applied Cognitive Psychology 37 4 (2023) 789\u2013803. 10.1002\/acp.4075","DOI":"10.1002\/acp.4075"},{"key":"e_1_3_3_2_44_2","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-031-25460-4_14"},{"key":"e_1_3_3_2_45_2","doi-asserted-by":"publisher","DOI":"10.1109\/FIE49875.2021.9637252"},{"key":"e_1_3_3_2_46_2","doi-asserted-by":"publisher","DOI":"10.1145\/1753326.1753383"},{"key":"e_1_3_3_2_47_2","doi-asserted-by":"publisher","unstructured":"Mario Silic and Andrea Back. 2016. The dark side of social networking sites: Understanding phishing risks. Computers in Human Behavior 60 (July 2016) 35\u201343. 10.1016\/j.chb.2016.02.050 https:\/\/dl.acm.org\/doi\/10.1016\/j.chb.2016.02.050","DOI":"10.1016\/j.chb.2016.02.050"},{"key":"e_1_3_3_2_48_2","doi-asserted-by":"publisher","DOI":"10.1109\/eCrime47957.2019.9037502"},{"key":"e_1_3_3_2_49_2","doi-asserted-by":"publisher","DOI":"10.5220\/0006646203980403"},{"key":"e_1_3_3_2_50_2","doi-asserted-by":"publisher","unstructured":"Arun Vishwanath Tejaswini Herath Rui Chen Jingguo Wang and H.\u00a0Raghav Rao. 2011. Why do people get phished? Testing individual differences in phishing vulnerability within an integrated information processing model. Decision Support Systems 51 3 (2011) 576\u2013586. 10.1016\/j.dss.2011.03.002 https:\/\/dl.acm.org\/doi\/10.1016\/j.dss.2011.03.002","DOI":"10.1016\/j.dss.2011.03.002"},{"key":"e_1_3_3_2_51_2","doi-asserted-by":"publisher","DOI":"10.1145\/3290605.3300338"},{"key":"e_1_3_3_2_52_2","unstructured":"Eva Wolfangel. 2023. The Human Element in Cybercrime and Cybersecurity. https:\/\/www.youtube.com\/watch?v=LKUMRTLV49g"},{"key":"e_1_3_3_2_53_2","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-030-10597-6_1"},{"key":"e_1_3_3_2_54_2","doi-asserted-by":"publisher","DOI":"10.1145\/2858036.2858388"},{"key":"e_1_3_3_2_55_2","doi-asserted-by":"publisher","unstructured":"Verena Zimmermann and Karen Renaud. 2019. Moving from a \u2018human-as-problem\u201d to a \u2018human-as-solution\u201d cybersecurity mindset. International Journal of Human-Computer Studies 131 (2019) 169\u2013187. 10.1016\/j.ijhcs.2019.05.005 https:\/\/dl.acm.org\/doi\/10.1016\/j.ijhcs.2019.05.005","DOI":"10.1016\/j.ijhcs.2019.05.005"},{"key":"e_1_3_3_2_56_2","doi-asserted-by":"publisher","unstructured":"Verena Zimmermann and Karen Renaud. 2021. The Nudge Puzzle: Matching Nudge Interventions to Cybersecurity Decisions. ACM Transactions on Computer-Human Interaction 28 1 (Jan. 2021) 7:1\u20137:45. 10.1145\/3429888 https:\/\/dl.acm.org\/doi\/10.1145\/3429888","DOI":"10.1145\/3429888"}],"event":{"name":"EuroUSEC 2024: The 2024 European Symposium on Usable Security","location":"Karlstad Sweden","acronym":"EuroUSEC 2024"},"container-title":["Proceedings of the 2024 European Symposium on Usable Security"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3688459.3688460","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3688459.3688460","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,19]],"date-time":"2025-06-19T01:10:29Z","timestamp":1750295429000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3688459.3688460"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2024,9,30]]},"references-count":55,"alternative-id":["10.1145\/3688459.3688460","10.1145\/3688459"],"URL":"https:\/\/doi.org\/10.1145\/3688459.3688460","relation":{},"subject":[],"published":{"date-parts":[[2024,9,30]]},"assertion":[{"value":"2024-11-20","order":3,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}