Abstract
Humans live in an interconnected world that is increasingly featured with virtual interactions in cyberspace. That world has raised cybersecurity concerns, particularly regarding the exploitation of human trust through various means, such as phishing. Phishing remains one of the most prevalent forms of cybercrime. It exploits human trust to manipulate individuals into divulging sensitive information. This study investigates the trust development mechanisms most exploited by cybercriminals in phishing attacks. It focuses on two primary trust development processes: relationship history and future expectations. The study uses qualitative content analysis of 42 phishing messages collected from diverse secondary sources. The findings reveal that future expectations—such as promises of rewards, urgent requests, or threats of penalties—dominate phishing tactics. In contrast, relationship history mechanisms exploit existing or fabricated relationships to evoke trust and compliance. These findings provide critical insights into the psychological manipulations leveraged in phishing schemes and highlight the need to integrate behavioural and cognitive principles into cybersecurity education. Practical implications include tailored training programs for distinct user groups, such as seniors, employees, and students. The training should emphasise recognising urgency cues, emotional manipulation, and verification strategies.
Published Version
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call