Abstract: Phishing has emerged as one of the most persistent and evolving threats to cybersecurity, and its impact has grown even more severe with the widespread adoption of remote work. Employees working from home or hybrid environments often lack immediate IT assistance and rely heavily on digital platforms such as email, messaging apps, and cloud services. This makes them prime targets for attackers who exploit psychological triggers such as urgency, curiosity, and authority. Recent developments, including QR-code–based quishing and large language model (LLM) generated phishing emails, have enabled adversaries to create highly convincing messages that bypass traditional spam filters and deceive users at alarming rates. Studies show that over 30% of participants in controlled experiments fall victim to these advanced phishing strategies, highlighting the limitations of conventional awareness programs and static filtering technologies. Although advanced artificial intelligence (AI) techniques, particularly hybrid models combining BERT and CNN, have achieved near 97.5% accuracy in classifying malicious content, these systems typically function in the background and do not provide real-time, user-facing assistance. This gap leaves individuals vulnerable at the precise moment when they must decide whether to trust or reject a suspicious message. Research in behavioral science has consistently demonstrated that contextual nudges, micro-prompts, and reinforcement mechanisms are more effective in shaping long-term secure practices compared to one-off training sessions or financial incentives. This paper proposes a multistage behavioral–AI framework designed specifically for remote workers to address this gap. The framework integrates four stages: Awareness Nudges, Micro-Actions, Reinforcement, and AI-Driven Contextual Alerts.
Each stage complements the others—nudges capture attention, micro-actions promote critical reflection, reinforcement cultivates long-term secure habits, and contextual alerts provide AI-powered warnings at high-risk moments. Unlike prior approaches that address technical or behavioral dimensions in isolation, this framework merges them into a single, interactive model. By aligning advanced detection capabilities with human decision-making processes, the framework aims to reduce click-through rates, encourage proactive reporting, and foster a culture of security-conscious behavior among remote employees. In doing so, it provides not just a technical solution but also a sustainable strategy that adapts to evolving phishing threats while strengthening organizational resilience.
Keywords: Phishing Defense, AI-Guided Behavioral Nudges, Real-Time Security Alerts, QR-Code Phishing (Quishing), Reinforcement Mechanisms, Contextual Micro-Prompts, Hybrid BERT–CNN Detection Model.
DOI: 10.17148/IARJSET.2025.12912
[1] Sujay S, Gresika N, Chitturi Naga Satyam, "A Multi-Stage Behavioral Intervention Framework for Phishing Prevention in Remote Teams Using AI-Driven Contextual Nudges," International Advanced Research Journal in Science, Engineering and Technology (IARJSET), DOI: 10.17148/IARJSET.2025.12912