Abstract
Social engineering is a large problem in our modern technological world, but while conceptually understood, it is harder to teach compared to traditional pen testing techniques. This research details a class project where students implemented a phishing exercise against real-world targets. Through cooperation with an external corporate partner, students learned the legal, technical, behavioral, analysis, and reporting aspects of social engineering. The outcome provided both usable data for a real-world corporation as well as valuable educational experience for the students.
Recommended Citation
Luse, Andy and Burkman, Jim
(2021)
"Gophish: Implementing a Real-World Phishing Exercise to Teach Social Engineering,"
Journal of Cybersecurity Education, Research and Practice: Vol. 2020
:
No.
2
, Article 5.
Available at:
https://digitalcommons.kennesaw.edu/jcerp/vol2020/iss2/5
Included in
Information Security Commons, Management Information Systems Commons, Technology and Innovation Commons