CyberPhish developed materials to help us avoid phishing attacks

October indicates the end of the CyberPhish “Safeguarding against Phishing in the age of 4th Industrial Revolution” project, which was started by six partners in 2020 to advance the key competencies for recognising phishing attacks and mitigating their impact by developing educational resources and materials, which are now available for free online.

"The project's main outcomes are the study analysis and recommendations on how to avoid phishing attacks and improve critical thinking. The project also results in the open online course, which provides learning material, simulations, self-evaluation and knowledge evaluation systems, guidelines for training and implementation of the developed course," told Raimundas Matulevičius, Professor of Information Security at the Institute of Computer Science of the University of Tartu.

"Everyone (e.g., students and educators, employers and employees), who wish to improve their knowledge and competencies in recognising and handling the phishing attacks and mitigating their consequences, can use the project results," said Matulevičius.

CyberPhish has six partners from Europe, and the materials are available in five local languages, including English, Estonian, Lithuanian, Latvian, and Greek. The course material is structured into four learning modules:

• Module on Introduction to cybersecurity starts with a brief history of Cybercrime development and reasons for its fast growth, historical stages, and current status.
• Overview of Cybersecurity within the EU presents the Cybersecurity landscape, trends, relevant threats, legal, reputational and financial risks and case study analysis.
• Module on Social Engineering and Phishing attacks discusses different types of phishing attacks and techniques together with several real case study examples from the Project Partner countries.
• Module on Understanding and Handling Cyber-attacks presents approaches to recognise and handle security attacks and introduces the development and implementation of incident response plans to minimise these attacks' effects.

During the project, each partner had a specific set of responsibilities. The University of Tartu Institute of Computer Science surveyed phishing recognition and skills gaps and analysed Estonia's cybersecurity training programmes. It was leading the preparation of the learning material. We defined several phishing gamification scenarios and contributed to the self-evaluation and preparation of knowledge systems.

On 13 October, the University of Tartu organised a seminar for 37 participants, including students, field experts, teachers and educators, stakeholders from the public and private sectors, and representatives from businesses, police, and government.

All the materials are available online for free to use using the following links:

• CyberPhish project website
• CyberPhish learning platform
• Social media
• Information about the project at InfoSec page

This project has been funded with support from the European Commission. This publication [communication] reflects the views only of the author, and the Commission cannot be held responsible for any use which may be made of the information contained therein.

Image