Affiliation:
1. Dept. of Psychological Sciences
2. Dept. of Computer Science, Texas Tech University, Lubbock, TX
Abstract
Phishing emails have certain characteristics, including wording related to urgency and unrealistic promises (i.e., “too good to be true”), that attempt to lure victims. To test whether these characteristics affected users’ suspiciousness of emails, users participated in a phishing judgment task in which we manipulated 1) email type (legitimate, phishing), 2) consequence amount (small, medium, large), 3) consequence type (gain, loss), and 4) urgency (present, absent). We predicted users would be most suspicious of phishing emails that were urgent and offered large gains. Results supporting the hypotheses indicate that users were more suspicious of phishing emails with a gain consequence type or large consequence amount. However, urgency was not a significant predictor of suspiciousness for phishing emails, but was for legitimate emails. These results have important cybersecurity-related implications for penetration testing and user training.
Subject
General Medicine,General Chemistry
Cited by
2 articles.
订阅此论文施引文献
订阅此论文施引文献,注册后可以免费订阅5篇论文的施引文献,订阅后可以查看论文全部施引文献
1. The Accuracy of Domain Specific and Descriptive Analysis Generated by Large Language Models;2024 IEEE 48th Annual Computers, Software, and Applications Conference (COMPSAC);2024-07-02
2. Phishing in Social Media: Investigating Training Techniques on Instagram Shop;Proceedings of the Human Factors and Ergonomics Society Annual Meeting;2023-09