Understanding susceptibility to phishing emails: Assessing the impact of individual differences and culture
نویسندگان
چکیده
In a lab-based empirical study, we examined how individual differences and an aspect of national culture impacted on participants’ responses to phishing and spear-phishing emails. Results showed that the strongest predictor of the participants’ ability to detect these malicious emails was cultural orientation towards the needs of the individual rather than the needs of society. For both types of emails, there was also a positive association between self-reported information security awareness and detection ability. Impulsivity in decision making predicted poorer detection of phishing emails, but not spear-phishing emails, and different personality traits predicted detection ability for the two email types.
منابع مشابه
Creative Persuasion: A Study on Adversarial Behaviors and Strategies in Phishing Attacks
Success of phishing attacks depend on effective exploitation of human weaknesses. This research explores a largely ignored, but crucial aspect of phishing: the adversarial behavior. We aim at understanding human behaviors and strategies that adversaries use, and how these may determine the end-user response to phishing emails. We accomplish this through a novel experiment paradigm involving two...
متن کاملPhishing IQ Tests Measure Fear, Not Ability
We argue that phishing IQ tests fail to measure susceptibility to phishing attacks. We conducted a study where 40 subjects were asked to answer a selection of questions from existing phishing IQ tests in which we varied the portion (from 25% to 100%) of the questions that corresponded to phishing emails. We did not find any correlation between the actual number of phishing emails and the number...
متن کاملUsing Actions and Intentions to Evaluate Categorical Responses to Phishing and Genuine Emails
While many studies have investigated people’s susceptibility to phishing emails, little attention has been paid to how behavioural responses translate into overall intent when users are not informed they are undertaking a phishing study. This paper examines how well the quantitative multiple-choice categorisation used in such studies reflects the underlying reasoning of the users. The results o...
متن کاملApplying Clustering and Ensemble Clustering Approaches to phishing Profiling
This paper describes a novel approach to profiling phishing emails based on the combination of multiple independent clusterings of the email documents. Each clustering is motivated by a natural representation of the emails. A data set of 2048 phishing emails provided by a major Australian financial institution was pre-processed to extract features describing the textual content, hyperlinks and ...
متن کاملFusing system design and social science to reduce susceptibility to online influence
Spear phishing and other forms of online scams are having an increasing impact on society. This paper overviews our current work exploring individual differences in susceptibility to malicious influence online from a social science perspective and asks how fusion with adaptive and collaborative system approaches could be harnessed to reduce differential susceptibility across individuals via sys...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
دوره شماره
صفحات -
تاریخ انتشار 2017