Loughborough University
Browse
Thesis-2010-Al-Hamar.pdf (14.21 MB)

Reducing the risk of e-mail phishing in the state of Qatar through an effective awareness framework

Download (14.21 MB)
thesis
posted on 2010-11-19, 16:01 authored by Mariam Khalid Al-Hamar
In recent years, cyber crime has focused intensely on people to bypass existing sophisticated security controls; phishing is one of the most common forms of such attack. This research highlights the problem of e-mail phishing. A lot of previous research demonstrated the danger of phishing and its considerable consequences. Since users behaviour is unpredictable, there is no reliable technological protective solution (e.g. spam filters, anti-viruses) to diminish the risk arising from inappropriate user decisions. Therefore, this research attempts to reduce the risk of e-mail phishing through awareness and education. It underlines the problem of e-mail phishing in the State of Qatar, one of world s fastest developing countries and seeks to provide a solution to enhance people s awareness of e-mail phishing by developing an effective awareness and educational framework. The framework consists of valuable recommendations for the Qatar government, citizens and organisations responsible for ensuring information security along with an educational agenda to train them how to identify and avoid phishing attempts. The educational agenda supports users in making better trust decisions to avoid phishing that could complement any technical solutions. It comprises a collection of training methods: conceptual, embedded, e-learning and learning programmes which include a television show and a learning session with a variety of teaching components such as a game, quizzes, posters, cartoons and a presentation. The components were tested by trial in two Qatari schools and evaluated by experts and a representative sample of Qatari citizens. Furthermore, the research proves the existence and extent of the e-mail phishing problem in Qatar in comparison with the UK where people were found to be less vulnerable and more aware. It was discovered that Qatar is an attractive place for phishers and that a lack of awareness and e-law made Qatar more vulnerable to the phishing. The research identifies the factors which make Qatari citizens susceptible to e-mail phishing attacks such as cultural, country-specific factors, interests and beliefs, religion effect and personal characteristics and this identified the need for enhancing Qatari s level of awareness on phishing threat. Since literature on phishing in Qatar is sparse, empirical and non-empirical studies involved a variety of surveys, interviews and experiments. The research successfully achieved its aim and objectives and is now being considered by the Qatari Government.

Funding

Information security, Identity theft, E-mail phishing, Social engineering, Vulnerability testing, Security awareness

History

School

  • Science

Department

  • Computer Science

Publisher

© Mariam Khalid Al-Hamar

Publication date

2010

Notes

A Doctoral Thesis. Submitted in partial fulfilment of the requirements for the award of Doctor of Philosophy of Loughborough University.

EThOS Persistent ID

uk.bl.ethos.602994

Language

  • en