Professorship for Security, Privacy & Society

Search

EN

Enhancing Phishing Interventions

Phishing attacks trick people by using social engineering techniques that exploit emotions or weaknesses, such as inattentiveness. Together with collaboration partners from the Swiss Cyber Defence Campus, we conduct research on human-centred cybersecurity solutions to create targeted interventions that support users against phishing. Additionally, to streamline the development and comparability of these interventions, we are constructing a framework that provides guidance on how the outcomes of phishing training can be evaluated.

As part of this project, we explore how AI technology can be harnessed defensively to counter increasingly sophisticated phishing threats. By integrating AI-driven phishing detection and support tools into everyday contexts where users might encounter phishing, we aim to improve comprehension and engagement, especially among non-experts. The
project involves designing and evaluating a range of user-centred AI tools that provide context-sensitive explanations, timely warnings, and actionable support. In doing so, we seek to work towards AI-supported cybersecurity practices that align with users’ real-world needs and experiences.

Financial support for the project is generously provided by the external page Cyber Defence Campus and external page Armasuisse W+T.

Related Publications

Schöni, L., Roch, N., Sievers, H., Strohmeier, M., Mayer, P., & Zimmermann, V. (2025, April). It's a Match-Enhancing the Fit between Users and Phishing Training through Personalisation. In Proceedings of the 2025 CHI Conference on Human Factors in Computing Systems (pp. 1-25). external page https://dl.acm.org/doi/pdf/10.1145/3706598.3713845  

Schöni, L., Strohmeier, M.,  Sluganovic, I., & Zimmermann, V. (2025, April). Stop the Clock-Counteracting Bias Exploited by Attackers through an Interactive Augmented Reality Phishing Training. In Proceedings of the 2025 CHI Conference on Human Factors in Computing Systems (pp. 1-23). external page https://dl.acm.org/doi/pdf/10.1145/3706598.3714023  

Schöni, L., Carles, V., Strohmeier, M., Mayer, P., & Zimmermann, V. (2024, September). You Know What?-Evaluation of a Personalised Phishing Training Based on Users' Phishing Knowledge and Detection Skills. In Proceedings of the 2024 European Symposium on Usable Security (pp. 1-14).  external page https://dl.acm.org/doi/pdf/10.1145/3688459.3688460