Ethical simulation of a phishing attack

Justyna Kęczkowska; Karol Wykrota; Mirosław Płaza

doi:10.35784/iapgos.7498

Open full text

PDF

Published: Sep 30, 2025

DOI: https://doi.org/10.35784/iapgos.7498

Issue Vol. 15 No. 3 (2025)

Articles

Objects features extraction by singular projections of data tensor to matrices
Yuriy Bunyak, Roman Kvуetnyy, Olga Sofina, Volodymyr Kotsiubynskyi

5-9
A hybrid approach combining generalized normal distribution optimization algorithm and fuzzy C-means with Calinski-Harabasz index for clustering optimization
Moatasem Mahmood Ibrahim, Omar Saber Qasim, Talal Fadhil Hussein

10-14
Method of hybrid logical classification trees based on group selection of discrete features
Igor Povkhan, Andrii Leheza, Oksana Mulesa, Olena Melnyk, Aliya Kintonova

15-21
Optimal control of electric energy quality, based on lexicographic approach
Yurii Voitiuk, Anatolii Volotskyi, Iuliia Shullie, Maiia Kovalchuk, Laura Duissembayeva

22-28
Implementation of energy-saving modes for electro-radiation drying of oil-containing material using automation tools
Borys Kotov, Roman Kalinichenko, Serhii Stepanenko, Vasyl Lukach, Volodymyr Hryshchenko, Alvian Kuzmych, Yurii Pantsyr, Ihor Garasymchuk, Volodymyr Vasylyuk

29-32
Methods and means of laser layer Jones matrix mapping of polycrystalline films of biological fluids
Olexander Ushenko, Iryna Soltys, Olexander Dubolazov, Sergii Pavlov, Vasyl Garasym, Alona Kolomiiets, Bakhyt Yeraliyeva

33-37
Alzheimer’s disease classification from MRI using vision transformer
Mohith Reddy Kandi, Sree Vijaya Lakshmi Kothapalli, Sivamsh Pavan Rajanala, Suvarna Vani Koneru, Vishnu Pramukh Vattikunta

38-44
Enhancing early Parkinson’s disease diagnosis through handwriting analysis
Asma Ouabd, Abdelilah Jilbab, Achraf Benba, Ahmed Hammouch

45-49
Biomechanical foundations and benefits of active orthoses in the treatment of idiopathic scoliosis
Patrycja Tymińska-Wójcik

50-54
Application of facial recognition technologies for enhancing control in information security systems
Nurzhigit Smailov, Rashida Kadyrova, Kamila Abdulina, Fatima Uralova, Nurgul Kubanova, Akezhan Sabibolda

55-58
IoT system with frequency converters of physical quantities on FPGA
Oleksandr V. Osadchuk, Iaroslav O. Osadchuk, Valentyn K. Skoshchuk

59-66
Research on the possibility of reducing the error in measuring the phase shift of radio signals
Sergey Matvienko, Grygoriy Tymchyk, Konstantin Vonsevych, Nataliia Stelmakh

67-72
Implementation of fiber-optic sensing systems in structural health monitoring of concrete
Nurzhigit Smailov, Akmaral Tolemanova, Amir Aziskhan, Beibarys Sekenov, Akezhan Sabibolda

73-76
Modelling the working cycle of a heat pump scroll compressor
Bohdan Sydorchuk, Oleksandr Naumchuk

77-80
Modeling of interception parking lots
Larysa Gumeniuk, Volodymyr Lotysh, Pavlo Humeniuk, Oleksandr Reshetylo, Yuriy Syrota

81-86
Development and research of W-parameters of potentially unstable four-poles based on the mathematical model of W-parameters of field-effect transistors in the high-frequency range
Oleksandr Voznyak, Kateryna Kovalova, Yurii Polievoda, Liudmyla Kolianovska, Svitlana Ovsienko, Alla Solomon

87-90
Detection confidential information by large language models
Oleh Deineka, Oleh Harasymchuk, Andrii Partyka, Yurii Dreis, Yuliia Khokhlachova, Yuriy Pepa

91-99
Ethical simulation of a phishing attack
Justyna Kęczkowska, Karol Wykrota, Mirosław Płaza

100-104
The effectiveness of machine learning in detecting phishing websites
Jacek Łukasz Wilk-Jakubowski, Aleksandra Sikora, Dawid Maciejski

105-109
Contemporary approaches to integrating AI agents into library information processes
Mariia Sokil, Andriy Andrukhiv

110-116
Development of a reinforcement learning-based adaptive scheduling algorithm for commercial smart kitchens
Konrad Kabala, Piotr Dziurzanski, Agnieszka Konrad

117-122
Optimizing deep learning techniques with stacking BiLSTM and BiGRU models for gold price prediction
Iqbal Kharisudin, Nike Yustina Oktaviani

123-130
Websites with virtual church tours in Poland – usability and accessibility analysis
Michał Mitura, Mariusz Dzieńkowski

131-137
Study of feed granulation process based on system analysis – justification of optimization criteria
Mahil Isa Mammadov

138-142

DOI

https://doi.org/10.35784/iapgos.7498

Authors

Justyna Kęczkowska

j.keczkowska@tu.kielce.pl

Kielce University of Technology, Poland

https://orcid.org/0000-0002-2309-3065

Karol Wykrota

k.wykrota@tu.kielce.pl

Kielce University of Technology, Poland

https://orcid.org/0009-0000-4179-6779

Mirosław Płaza

m.plaza@tu.kielce.pl

Kielce University of Technology, Poland

https://orcid.org/0000-0001-9728-3630

Abstract

This article presents an ethical simulation of a phishing attack as a research method for analysing users' susceptibility to such threats. The study involved conducting an experiment in which emails mimicking authentic messages from popular services such as Google, Spotify, and InPost were sent. A total of 50 participants were involved in the experiment, divided into five age groups, allowing for an assessment of the impact of age on phishing attack susceptibility. The aim of the study was to determine the effectiveness of various social engineering techniques and to analyse users' reactions to the fraudulent messages. The experiment utilized dedicated, proprietary software that enabled monitoring of recipient activity, including reading messages, opening URLs, and filling out forms. The results showed that most users opened the phishing emails; however, only a small percentage took further actions that could potentially lead to data disclosure. The analysis of the results confirmed the crucial role of educational factors and user awareness in mitigating the effectiveness of phishing attacks. A particularly significant aspect was users’ prior experience with similar attacks and their active participation in informational campaigns, which significantly reduced their susceptibility to manipulation. In conclusion, recommendations were formulated emphasizing the need for systematic training campaigns and the implementation of advanced email filtering systems, which are crucial in counteracting the threats discussed in this study.

Keywords:

phishing, cyberattack, computer hacking, cybersecurity

References

[1] Aiden M. K., et al.: Social Engineering Attacks: Detection and Prevention. Shrivastava G., et al. (eds): Emerging Threats and Countermeasures in Cybersecurity. Scrivener Publishing LLC 2025, 349–387. DOI: https://doi.org/10.1002/9781394230600.ch16

[2] Akyeşilmen N., Alhosban A.: Non-Technical Cyber-Attacks and International Cybersecurity: The Case of Social Engineering. Gaziantep University Journal of Social Sciences 23(1), 2024, 342–360. DOI: https://doi.org/10.21547/jss.1346291

[3] Alkhalil Z., et al.: Phishing attacks: A recent comprehensive study and a new anatomy. Frontiers in Computer Science 3, 2021, 563060. DOI: https://doi.org/10.3389/fcomp.2021.563060

[4] Alshammari S. S., Soh B., Li A.: Understanding Social Engineering Victimisation on Social Networking Sites: A Comprehensive Review of Factors Influencing User Susceptibility to Cyber-Attacks. Information 16(2), 2025, 153. DOI: https://doi.org/10.3390/info16020153

[5] Admass W. S., Munaye Y. Y., Diro A. A.: Cyber security: State of the art, challenges and future directions. Cyber Security and Applications 2, 2024, 100031. DOI: https://doi.org/10.1016/j.csa.2023.100031

[6] Choi Y. B.: Social Engineering Cyber Threats. Journal of Global Awareness 4(2), 2023, 8. DOI: https://doi.org/10.24073/jga/4/02/08

[7] Chanti S., Chithralekha T.: A literature review on classification of phishing attacks. International Journal of Advanced Technology and Engineering Exploration 9(89), 2022, 446–476.

[8] Chanti S., Chithralekha T.: A literature review on classification of phishing attacks. International Journal of Advanced Technology and Engineering Exploration 9(89), 2022, 446–476 DOI: https://doi.org/10.19101/IJATEE.2021.875031

[9] Lee N.: Cyberattacks, Prevention, and Countermeasures. Lee N. (ed.): Counterterrorism and Cybersecurity: Total Information Awareness. Springer International Publishing, Cham 2024, 295–342. DOI: https://doi.org/10.1007/978-3-031-63126-9_10

[10] Gallo L., et al.: The human factor in phishing: Collecting and analysing user behavior when reading emails. Computers & Security 139, 2024, 103671. DOI: https://doi.org/10.1016/j.cose.2023.103671

[11] Goenka R., Chawla M., Tiwari N.: A comprehensive survey of phishing: Mediums, intended targets, attack and defence techniques and a novel taxonomy. International Journal of Information Security 23(2), 2024, 819–848. DOI: https://doi.org/10.1007/s10207-023-00768-x

[12] Ghazi-Tehrani A. K., Pontell H. N.: Phishing evolves: Analyzing the enduring cybercrime. Victims & Offenders 16(3), 2022, 316–342 [https://doi.org/10.1080/15564886.2020.1829224]. DOI: https://doi.org/10.1080/15564886.2020.1829224

[13] Gupta S., et al.: A Comprehensive Analysis of Social Engineering Attacks: From Phishing to Prevention-Tools, Techniques and Strategies. Second International Conference on Intelligent Cyber Physical Systems and Internet of Things – ICoICI, 2024, 1–8. DOI: https://doi.org/10.1109/ICoICI62503.2024.10696444

[14] Hakimi M., Quchi M. M., Fazil A. W.: Human factors in cybersecurity: an in depth analysis of user centric studies. Jurnal Ilmiah Multidisiplin Indonesia – JIM-ID 3(01), 2024, 20–33. DOI: https://doi.org/10.58471/esaprom.v3i01.3832

[15] Jeon G.H., et al.: IWTW: A Framework for IoWT Cyber Threat Analysis. CMES-Computer Modeling in Engineering & Sciences 141(2), 2024, 1575–1622 [https://doi.org/10.32604/cmes.2024.053465]. DOI: https://doi.org/10.32604/cmes.2024.053465

[16] Jain A. K., Gupta B. B.: A survey of phishing attack techniques, defence mechanisms and open research challenges. Enterprise Information Systems 16(4), 2022, 527–565. DOI: https://doi.org/10.1080/17517575.2021.1896786

[17] Kamruzzaman A., et al.: Social engineering incidents and preventions. IEEE 13th Annual Computing and Communication Workshop and Conference – CCWC, 2023, 0494–0498. DOI: https://doi.org/10.1109/CCWC57344.2023.10099202

[18] Kont K. R.: Libraries and cyber security: the importance of the human factor in preventing cyber attacks. Library Hi Tech News 41(1), 2024, 11–15. DOI: https://doi.org/10.1108/LHTN-03-2023-0036

[19] Kumar S., Gouda S.: A Comprehensive Study of Phishing Attacks and Their Countermeasures. International Journal of Research and Analytical Reviews 10, 2023, 25–31.

[20] Mallick M. A. I., Nath R.: Navigating the cyber security landscape: A comprehensive review of cyber-attacks, emerging trends, and recent developments. World Scientific News 190(1), 2024, 1–69.

[21] Oladipo J. O., et al.: Human factors in cybersecurity: Navigating the fintech landscape. International Journal of Science and Research Archive 11(1), 2024, 1959–1967. DOI: https://doi.org/10.30574/ijsra.2024.11.1.0258

[22] Parsaei A.: Awareness and social engineering-based cyberattacks. International Journal of Reliability, Risk and Safety: Theory and Application 7(1), 2024, 31–36.

[23] Płaza M., et al.: Machine Learning Algorithms for Detection and Classifications of Emotions in Contact Center Applications. Sensors 22(14), 2022, 5311 [https://doi.org/10.3390/s22145311]. DOI: https://doi.org/10.3390/s22145311

[24] Płaza M., Belka R., Szcześniak Z.: Towards a different world – on the potential of the internet of everything. Informatyka, Automatyka, Pomiary w Gospodarce i Ochronie Środowiska – IAPGOS 2, 2019, 8–11. DOI: https://doi.org/10.5604/01.3001.0013.2539

[25] Putra F. P. E., et al.: Analysis of phishing attack trends, impacts and prevention methods: literature study. Brilliance: Research of Artificial Intelligence 4(1), 2024, 413–421. DOI: https://doi.org/10.47709/brilliance.v4i1.4357

[26] Scherb C., et al.: A cyber attack simulation for teaching cybersecurity. EpiC Series in Computing 93, 2023, 129–140. DOI: https://doi.org/10.29007/dkdw

[27] Shukla R. K., Tiwari A. K.: Security analysis of cyber-crime. Shukla R. K., et al. (eds.): The Ethical Frontier of AI and Data Analysis. IGI Global, 2024, 257–271 DOI: https://doi.org/10.4018/979-8-3693-2964-1.ch016

[28] Siddiqi M. A., Pak W., Siddiqi M. A.: A study on the psychology of social engineering-based cyberattacks and existing countermeasures. Applied Sciences 12(12), 2022, 6042. DOI: https://doi.org/10.3390/app12126042

[29] Sonowal G.: Types of Phishing. Sonowal G.: Phishing and Communication Channels: A Guide to Identifying and Mitigating Phishing Attacks, 2022, 25–50. DOI: https://doi.org/10.1007/978-1-4842-7744-7_2

[30] Tian C., et al.: The influence of affective processing on phishing susceptibility. European Journal of Information Systems 34(3), 2024, 1–15. DOI: https://doi.org/10.1080/0960085X.2024.2351442

[31] Yi Z., Chen X.: Personal Privacy Protection Problems in the Digital Age. arXiv preprint arXiv:2211.09591, 2022.

[32] Zhang-Kennedy L., Chiasson S.: A systematic review of multimedia tools for cybersecurity awareness and education. ACM Computing Surveys – CSUR 54(1), 2021, 1–39. DOI: https://doi.org/10.1145/3427920

[33] Zangana H. M., et al.: Cybernetic Deception: Unraveling the Layers of Email Phishing Threats. International Journal of Research and Applied Technology – INJURATECH 4(1), 2024, 35–47.

[34] InPost – Plaga ataków phishingowych – chroń swoje dane! 2025 [https://inpost.pl/aktualnosci-plaga-atakow-phishingowych-chron-swoje-dane].

[35] Niebezpiecznik – Uwaga na SMS-y podszywające się pod Inpost. 2025 [https://niebezpiecznik.pl/post/uwaga-na-sms-y-podszywajace-sie-pod-inpost/].

[36] The PHP Documentation Group – PHP Manual. 2025 [https://www.php.net/manual/en/].

[37] The PHP Documentation Group – SQLite3. 2025 [https://www.php.net/manual/en/book.sqlite3.php].

[38] Verizon Business – 2024 Data Breach Investigations Report. 2024 [https://www.verizon.com/business/resources/reports/dbir/].

Kęczkowska, J., Wykrota, K., & Płaza, M. (2025). Ethical simulation of a phishing attack. Informatyka, Automatyka, Pomiary W Gospodarce I Ochronie Środowiska, 15(3), 100–104. https://doi.org/10.35784/iapgos.7498

Ethical simulation of a phishing attack

Issue Vol. 15 No. 3 (2025)

Archives

DOI

Authors

Abstract

Keywords:

References

License

Article Sidebar

Issue Vol. 15 No. 3 (2025)

Archives

Main Article Content

DOI

Authors

Abstract

Keywords:

References

Article Details

License