Social engineering is a method used by offenders to deceive their targets utilizing rationales of human psychology. Offenders aim to exploit information and use them for intelligence purposes or financial gains. Generating resilience against these malicious methods is still challenging. Literature shows that serious gaming learning approaches are used more frequently to instill lasting retention effects. Serious games are interactive, experiential learning approaches that impart knowledge about rationales and concepts in a way that fosters retention. In three samples and totally 97 participants the study at hand evaluated a social engineering serious game for participants’ involvement and instruction compliance during the game. Field observations and unstructured interviews were used to collect data on participants’ engagement, satisfaction and compliance with game master instructions. The findings show that there are potentials in changing the game material and its process to foster these dimensions and make it more useful as an instructional instrument for social engineering awareness creation.
Muhly, Fabian; Leo, Philipp; and Caneppele, Stefano
"A Serious Game For Social Engineering Awareness Creation,"
Journal of Cybersecurity Education, Research and Practice: Vol. 2022:
1, Article 5.
Available at: https://digitalcommons.kennesaw.edu/jcerp/vol2022/iss1/5