YoVDO

Exploiting Curiosity and Context - How to Make People Click on a Dangerous Link

Offered By: Black Hat via YouTube

Tags

Black Hat Courses Cybersecurity Courses Penetration Testing Courses Social Engineering Courses Human Behavior Courses Phishing Courses Spear Phishing Courses

Course Description

Overview

Explore the psychology behind why people click on potentially dangerous links in this 43-minute Black Hat conference talk. Delve into the results of two user studies involving over 1600 university students, examining click rates for suspicious emails and Facebook messages. Discover how factors like curiosity, context, and personalization influence clicking behavior, despite users' awareness of potential security risks. Analyze the implications for organizational cybersecurity strategies, including the pros and cons of employee security awareness training. Consider the challenges of relying on user decision-making for protection against phishing attacks and discuss potential alternatives for more effective cybersecurity measures.

Syllabus

Introduction
Technical vs. Human Vulnerabilities
Research questions
Study Idea
Ethics: Recruitment
Ethics: Connecting Behavior with Survey
Final Design
Study 1: Survey
Study 2: Design Changes
Addressing by Name
Study 1 vs. Study 2: Survey Reliability
Study 2: Email vs. Facebook Survey Reliability
Trust Into Technical Context
Reasons for Non clicking
Limitations
Targeting
Requirements on Users
Let me introduce...
Want Your Employees Be Aware of Spear Phishing?
Pentesting & Patching Humans
Feasible User Involvement?
Key Takeaways


Taught by

Black Hat

Related Courses

Application of the MITRE ATT&CK Framework
Cybrary
Windows Red Team Exploitation Techniques | Red Team Series 3-13
Linode via Independent
People Information Gathering with the Social Engineering Toolkit (SET)
Pluralsight
Phishing Pholks Phor Phun and Prophit
YouTube
Social Engineering Toolkit
YouTube