Game-Based Educational Strategies to Enhance Phishing Awareness: A Systematic Literature Review
Abstract
Phishing is one of the most prevalent forms of cyberattack, exploiting human error through deception and social engineering. While traditional cybersecurity awareness training has long been implemented, it often lacks interactivity and fails to instill lasting behavioral change. This study presents a Systematic Literature Review (SLR) to investigate the effectiveness of game-based learning strategies for improving phishing awareness. Three peer-reviewed studies were analyzed, revealing that gamified interventions outperform conventional educational methods by enhancing user engagement, behavioral intention, and phishing detection accuracy. Elements such as scenario-based decision-making, interactive feedback, and alignment with psychological frameworks like the Theory of Planned Behavior (TPB) were shown to be critical drivers of success. However, the review also highlights a major limitation in the field—namely, the lack of standardized and validated instruments to measure awareness and behavioral change consistently. The findings support the growing role of gamification in cybersecurity education while emphasizing the need for long-term evaluation and robust measurement practices.
References
Ngo Mbedeg Le-Nye, E., Yaacoub, C., & Possik, J. (2024). Evaluating Phishing Awareness Strategies: A Comparative Study of Education-Based Approaches and Game-Based Learning. Procedia Computer Science, Volume 251, Pages 666–671. https://doi.org/10.1016/j.procs.2024.01.225
Van Steen, T., & Deeleman, J. R. A. (2021). Successful Gamification of Cybersecurity Training. Cyberpsychology, Behavior, and Social Networking, 24(9), 593–598. https://doi.org/10.1089/cyber.2020.0526
Rohan, R., Pal, D., Hautamäki, J., Funilkul, S., Chutimaskul, W., & Thapliyal, H. (2023). A Systematic Literature Review of Cybersecurity Scales Assessing Information Security Awareness. Heliyon, Volume 9, Issue 2, e14294. https://doi.org/10.1016/j.heliyon.2023.e14294
Helmiawan, M. A., & Wiharko, T. (2018). Application of Fingerprint Security System on Motorcycles using Arduino Microcontroller. J-Tin’s Jurnal Teknik Informatika, 2(1).
Helmiawan, M. A., Juna, D. I., & Ramdhani, B. (2018). Pengamanan Sistem Dan Data E-Voting Berbasis Network. INTERNAL (Information System Journal), 1(1), 1–10.
Helmiawan, M. A., Firmansyah, E., Fadil, I., Sofivan, Y., Mahardika, F., & Guntara, A. (2020). Analysis of web security using open web application security project 10. 2020 8th International Conference on Cyber and IT Service Management
Helmiawan, M. A., Julian, E., Cahyan, Y., & Saeppani, A. (2021). Experimental evaluation of security monitoring and notification on network intrusion detection system for server security. 2021 9th International Conference on Cyber and IT Service Management (CITSM ….
Helmiawan, M. A., Fadil, I., Sofiyan, Y., & Firmansyah, E. (2021). Security model using intrusion detection system on cloud computing security management. 2021 9th International Conference on Cyber and IT Service Management
Helmiawan, M. A., & Nasution, A. I. (2022). The Effect of Internet Banking Use and Customer Protection Against Cyber Crime at Bank Rakyat Indonesia. Journal of Islamic Economics and Business, 2(2), 170–183.