“Our user studies have found that user education can help prevent people from falling for phishing attacks. However, it is hard to get users to read security tutorials, and many of the available online training materials make users aware of the phishing threat but do not provide them with enough information to protect themselves. Our studies demonstrate that Anti-Phishing Phil is an effective approach to user education,” stated the Carnegie Mellon University team.
Anti-Phishing Phil was developed by members of the CMU Usable Privacy and Security Laboratory with funding from the US National Science Foundation (Cyber Trust initiative) and ARO/CyLab.
The game design team was led by Steve Sheng and included Alessandro Acquisti, Lorrie Cranor, Jason Hong, Ponnurangam Kumaraguru, Bryant Mangien, and Elizabeth Nunge.
Anti-Phishing Phil can be played here.