Designing a mobile game to thwarts malicious IT threats: A phishing threat avoidance perspective

TL;DR

This paper presents a mobile game prototype designed to educate users about phishing threats and improve their avoidance behavior through engaging gameplay and targeted design principles.

Contribution

It introduces a novel mobile game based on a story-driven framework to enhance phishing threat awareness and avoidance behavior.

Findings

Game design principles effectively increased user motivation.

Prototype demonstrated on MIT App Inventor Emulator.

Potential to improve phishing threat avoidance through game-based education.

Abstract

Phishing is an online identity theft, which aims to steal sensitive information such as username, password and online banking details from victims. To prevent this, phishing education needs to be considered. Game based education is becoming more and more popular. This paper introduces a mobile game prototype for the android platform based on a story, which simplifies and exaggerates real life. The elements of a game design framework for avoiding phishing attacks were used to address the game design issues and game design principles were used as a set of guidelines for structuring and presenting information. The overall mobile game design was aimed to enhance the user's avoidance behaviour through motivation to protect themselves against phishing threats. The prototype mobile game design was presented on MIT App Inventor Emulator.