Developing a Context-Aware Self-Assessment Model to Mitigate Phishing Vulnerabilities in Academic Institutions
Keywords:
Security Awareness, Phishing, Self-Assessment, Higher Education, Cybersecurity
Abstract
Higher education institutions in Indonesia have emerged as primary targets for cyberattacks, particularly phishing, due to the high value of academic data and the inherent openness of information access. Conventional technical security approaches often fail to mitigate human error, which remains a critical vulnerability. This study aims to develop a phishing vulnerability detection model based on active participation (self-assessment) using the WiCanary platform to enable academic communities to measure their security risks independently. Employing a Research and Development (R&D) methodology, contextual phishing simulations were conducted on 100 respondents at the Budi Utomo Institute of Technology. The experimental results revealed an average vulnerability rate (Click Rate) of 22%, contrasted by a low Reporting Rate of only 7%. A significant gap was identified between theoretical knowledge and actual behavior, particularly among faculty members who exhibited the Dunning-Kruger Effect in response to administrative-themed scenarios. However, the implementation of the self-assessment model successfully enhanced knowledge retention and reduced vulnerability by 40% in subsequent testing. In conclusion, this model serves as an effective, persuasive, and sustainable early mitigation strategy to fortify the human firewall within academic environments.
Copyright (c) 2026 Andre Yuswanto, Budi Wibowo, Taufik Hidayat

This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.


