{"href":"http://player.captivate.fm/services/oembed?url=http%3A%2F%2Fplayer.captivate.fm%2Fepisode%2Fcfb50e2c-4201-449c-b9ce-9b7abe2d75d9","version":"1.0","provider_name":"Captivate.FM","provider_url":"https://www.captivate.fm","width":600,"height":200,"type":"rich","html":"<iframe style=\"width: 100%; height: 200px;\" title=\"How a few PhD students revealed that phishing trainings might just not work\" frameborder=\"0\" scrolling=\"no\" allow=\"clipboard-write\" seamless src=\"http://player.captivate.fm/episode/cfb50e2c-4201-449c-b9ce-9b7abe2d75d9\"></iframe>","title":"How a few PhD students revealed that phishing trainings might just not work","description":"You've likely fallen for it before\u2014a simulated test sent by your own company to determine whether its employees are vulnerable to one of the most pernicious online threats today: Phishing.\nThose simulated phishing tests often come with a voluntary or mandatory training afterwards, with questions and lessons about what mistakes you made, right after you made them.\u00a0\nBut this extremely popular phishing defense practice might not work. In fact, it might make you worse at recognizing phishing attempts in the future.\n\nThat's what Daniele Lain and his fellow PhD candidates at the ETH Zurich university in Switzerland revealed in a recent 15-month study, which we discuss today on Lock and Code, with host David Ruiz.\n","thumbnail_width":300,"thumbnail_height":300,"thumbnail_url":"https://artwork.captivate.fm/af39ad94-0f98-46a3-b69d-985e369c36e0/lock-and-code-logo-2021-ar2rs.jpg"}