Abstract
ABSTRACT Email phishing is a serious and potentially catastrophic threat to organisations and individuals. Understanding what factors may influence individual susceptibility to phishing attacks is essential to protecting against cybercrime. We investigated the potential interplay between conscientiousness and cue utilisation in individuals’ ability to accurately differentiate between phishing and legitimate emails. University students (N = 255) completed a phishing detection task, the Mini International Personality Item Pool, and the phishing edition of the Expert Intensive Skill Evaluation (2.0) battery. After, they were sent simulated phishing emails to their student email address. A Signal Detection Theory approach revealed that higher cue utilisation was associated with a greater ability to tell whether an e-mail was phishing or not in the detection task. For the simulated phishing emails, participants with lower conscientiousness were more likely to click an embedded link in an unsophisticated phishing email, however cue utilisation had no association with email engagement in a naturalistic setting. The findings provide insight into why some people are more susceptible to phishing scams and reveal important differences in phishing sensitivity as a function of context, which has implications to interventions.
Published Version
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.