U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.


Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Human-Centered Cybersecurity


Phishing continues to be an escalating cyber threat facing organizations of all types and sizes, including industry, academia, and government.

Our team performs research to understand phishing within an operational (real-world) context by examining user behaviors during phishing awareness training exercises. Our efforts have provided insights into users’ rationale and role in early detection, and how these might be scaffolded with technological solutions.

Current/recent research projects:

  • Phish scale - developing a scale to rate the detection difficulty of phishing messages

Past research projects:

  • Phishing behaviors - understanding why users click or don’t click during phishing training exercises
  • Phishing lens model  - proposed an exploratory computational model of user decision making in a potential phishing attack scenario


Created November 17, 2016, Updated September 22, 2023