In an increasingly digital world, fraudsters, too, exploit this new environment and distribute fraudulent messages that trick victims into taking particular actions. There is no substitute for making users aware of scammers’ favoured techniques and giving them the ability to detect fraudulent messages. We developed an awareness-raising programme, specifically focusing on the needs of small and medium-sized enterprises (SMEs). The programme was evaluated in the field. The participating employees demonstrated significantly improved skills in terms of ability to classify messages as fraudulent or genuine. Particularly with regard to one of the most widespread attack types, namely fraudulent messages with links that contain well-known domains as sub-domains of generic domains, recipients of the programme improved their recognition rates from $$56.6\%$$ to $$88\%$$. Thus, the developed security awareness-raising programme contributes to improving the security in SMEs.
Neumann, S., Reinheimer, B., & Volkamer, M. (2017). Don’t be deceived: The message might be fake. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 10442 LNCS, pp. 199–214). Springer Verlag. https://doi.org/10.1007/978-3-319-64483-7_13