Journal of Information Systems Education (JISE)

Volume 34

Volume 34, Issue 4, Pages 347-359

Fall 2023


Teaching Tip
Hook, Line, and Sinker – The Development of a Phishing Exercise to Enhance Cybersecurity Awareness


Jacob A. Young
Bradley University
Peoria, IL 61625, USA

Sahar Farshadkhah
University of Illinois Springfield
Springfield, IL 62703, USA

Abstract: In this paper, we describe the development of an in-class exercise designed to teach students how to craft social engineering attacks. Specifically, we focus on the development of phishing emails. Providing an opportunity to craft offensive attacks not only helps prepare students for a career in penetration testing but can also enhance their ability to detect and defend against similar methods. First, we discuss the relevant background. Second, we outline the requirements necessary to implement the exercise. Third, we describe how we implemented the exercise. Finally, we discuss our results and share student feedback.

Keywords: Phishing, Social engineering, Cybersecurity, Pedagogy

Download This Article: JISE2023v34n4pp347-359.pdf


Recommended Citation: Young, J. A., & Farshadkhah, S. (2023). Teaching Tip: Hook, Line, and Sinker – The Development of a Phishing Exercise to Enhance Cybersecurity Awareness. Journal of Information Systems Education, 34(4), 347-359.