ISSN 2409-7616

Kosheleva A.D., Zufarova A.S.

THE IMPACT OF INTERACTIVE TRAINING ON AWARENESSINFORMATION ABOUT PHISHING ATTACKS

UDC 37.01:007

Kosheleva A.D.1 (Khabarovsk, Russian Federation) – 2019102989@togudv.ru; Zufarova A.S.1 (Khabarovsk, Russian Federation) 006694@pnu.edu.ru

1Pacific State University

Abstract. Modern organizations face unprecedented challenges in the field of cybersecurity related to the increasing number and complexity of cyber attacks. Information Security (InfoSec) has become a critically important area in today’s digital society. Social engineering often uses psychological techniques and manipulations to deceive company employees and gain access to confidential information or systems. This can not only cause financial damage, but also undermine the company’s reputation. The human factor continues to be one of the main reasons for successful attacks, which underscores the importance of training employees in the basics of cybersecurity. In recent years, there has been an increase in the number of incidents caused by employees’ lack of awareness of cyber threats, which leads to significant financial losses and damage to the reputation of companies. The purpose of this article is to highlight the importance of cybersecurity training for employees of an organization and to increase their level of digital literacy in order to reduce the risks associated with cyber threats. To achieve this goal, it is necessary to complete the following tasks: to study the basic concepts and types of information security incidents; to analyze ways to protect against social engineering; to study Security Awareness; analyze employee training methods; analyze Russian Security Awareness platforms; draw conclusions. This article examines the main areas of research in the field of information security, current challenges in the field of cybersecurity and proposed solutions based on employee training.

Keywords: Security Awareness, information security (IS), incident, cybersecurity, training, social engineering, training platforms.

References:

  1. Drugach Y. S. Controlled hacking. The Bible of Social Engineering. St. Petersburg, BHV-Petersburg Publ., 2024. 208 p. (In Russian).
  2. Ivanov P.I. Countering phishing attacks: training security users. Moscow, Nauka Publ., 2020. 256 p (In Russian).
  3.  Efimov S.A., Pronkin N.N. The role of employees in ensuring information security: approaches to raising awareness. International Journal of Professional Science, 2024, no. 6-2. pp. 40-47. (In Russian). URL: https://www.elibrary.ru/fgwhyv
  4. Prokhorov A.I., Markin E.A., Nikeeva U.G. Phishing attacks: the main types and methods of protection against them. Proc. “Information systems, economics and management. Scientific notes”. Rostov-on-Don, Rostov State University of Economics Publ., 2023. pp. 84-90. (In Russian). URL: https://www.elibrary.ru/mzgipc
  5. Bachieva A.V., Bosiev T.O. Phishing as one of the methods of fraud in the field of computer information. Proc. “Actual problems of legal science and practice”.  Gatchina, State Institute of Economics, Finance, Law and Technology Publ., 2017. 232-235. (In Russian). URL: https://www.elibrary.ru/zhtgzh
  6. Vasilyeva N.A. Methods of protecting employees from phishing attacks: the role of training and education. Moscow, RUDN Publ., 2020. 220 p. (In Russian).
  7. Zakharova A.A. Methods of personnel training in the organization. Alley of Science. 2022, vol. 1, no. 3 (66), pp. 114-120. (In Russian). URL: https://www.elibrary.ru/acjlnb
  8. Abitov A.A., Thakakhov R.A., Khachmakhova M.Z., Sungurov K.S. Protection from phishing. Proc. “Digital transformation of science and education”. Nalchik, Kabardino-Balkarian State University named after H.M. Berbekov Publ., 2020. pp. 13-17. (In Russian). URL: https://www.elibrary.ru/xcbynd
  9. Vilkova A.V., Litvishkov V.M., Shvyrev B.A. Embedded learning as an element of continuous information security training. Penitentiary Science, 2020, vol. 14, no. 1 (49), pp. 135-141. (In Russian). URL: https://www.elibrary.ru/xidpsr
  10. Zhdanova D.E. Technology of reverse learning: a combination of mobile learning and active learning methods. Naukosphere, 2021, no. 7-1, pp. 55-58. (In Russian). URL: https://www.elibrary.ru/siqyud
  11. Nechipurovsky D.I. How to build a multi-level protection to combat advanced phishing threats. Scientific aspect, 2024, vol. 41, no. 4, pp. 5337-5342. (In Russian). URL: https://www.elibrary.ru/jdtfvy
  12. Bogdanova T.M. Improving employee safety through training on phishing attacks. Moskow, RAS Publ., 2019. 153 p. (In Russian).
  13. Yakovleva M.A. Leadership in the mentoring system as an effective tool for personnel adaptation. Human Progress, 2021, vol. 7, no. 1. (In Russian). URL: https://www.elibrary.ru/mfmyrr
  14. Steiger A.A. Social engineering on the example of phishing. Bulletin of modern research, 2018, no. 6.3 (21), pp. 612-614. (In Russian). URL: https://www.elibrary.ru/xuroqp
  15. Zufarova A.S., Kosheleva A.D. Formation of a methodology for creating interactive educational web-quests in the conditions of school education. Modern pedagogical education, 2024, no. 6, pp. 116-120. (In Russian). URL: https://www.elibrary.ru/tyomig
  16. Pavlov A.S. Methodology for evaluating the effectiveness of phishing trainings in organizations. Moscow, Higher School of Economics Publ., 2020. 276 p. (In Russian)
  17. Kozlova O.V. Interactive teaching methods to raise awareness of phishing attacks. St. Petersburg, Nevsky University Publ., 2019. 162 p. (In Russian).
  18. Klimov A.A., Zarechkin E.Yu., Kupriyanovsky V.P. The impact of digitalization on the vocational education system. Modern information technologies and IT education, 2019, vol. 15, no. 2, pp. 468-476. (In Russian). URL: https://www.elibrary.ru/ixhcvv
  19. Slivinsky D.V., Shishiyanu K.S. Personnel training as a technology for managing human resources of an enterprise: basic forms, methods and critical assessments. Innovations and Investments, 2023, no. 11, pp. 78-80. (In Russian). URL: https://www.elibrary.ru/bwijwi

For citation: Kosheleva A.D., Zufarova A.S. The impact of interactive training on awareness information about phishing attacks. CITISE, 2025, no. 1, pp. 124-138.