Summary: | Information security for connected devices with network system is under threat due to fraudulent activities, denial-of-service (DoS), and malware. Phishing attacks are a major fraud activity which can be controlled by human factors. This research is aimed to increase the information security awareness of the vocational students in Malaysia. An enhanced knowledge-attitude-behavior model has been developed to increase the awareness level on phishing attacks. In this model, the existing knowledge of the sample students is measured and repeated after educational treatment. The model hypothesis is validated by the collected data on the students and the model output is thoroughly analyzed. Thus, it demonstrates that the proposed model is an enhanced model in strengthening the information security knowledge and awareness of the students.