ISEDJ

Information Systems Education Journal

Volume 13

V13 N5 Pages 71-82

September 2015


Why Phishing Works: Project for an Information Security Capstone Course


Yan Ding
Georgia Gwinnett College
Lawrenceville, GA 30043, USA

Lissa Pollacia
Georgia Gwinnett College
Lawrenceville, GA 30043, USA

Seung Yang
Georgia Gwinnett College
Lawrenceville, GA 30043, USA


Abstract: This paper presents a project which was conducted in a capstone course in Information Security. The project focused on conducting research concerning the various aspects of phishing, such as why phishing works and who is more likely to be deceived by phishing. Students were guided through the process of conducting research: finding background and related work on the topic, determining the hypothesis, development of the survey system, data collection, analysis of the results, and writing of the academic paper. This project was very successful in that students gained in-depth knowledge about phishing, developed an understanding of research and academic writing, and learned to statistically analyze data to support or refute their hypothesis. Educators who are teaching a capstone course in Information Security may be interested in this project because it is an appropriate level for undergraduate seniors, it can be accomplished in one semester, and the participants can be other students at the institution.

Keywords: Information Security, Phishing Project, Phishing Research, Security capstone course, Security Research Project, student research

Download this article: ISEDJ - V13 N5 Page 71.pdf


Recommended Citation: Ding, Y., Pollacia, L., Yang, S. (2015). Why Phishing Works: Project for an Information Security Capstone Course . Information Systems Education Journal, 13(5) pp 71-82. http://isedj.org/2015-13/ ISSN: 1545-679X. (A preliminary version appears in The Proceedings of ISECON 2014)