Training to Detect Phishing Emails: Effects of the Frequency of Experienced Phishing Emails

Abstract

We studied people’s success on the detection of phishing emails after they were trained under one of three phishing frequency conditions, where the proportion of the phishing emails during training varied as: low frequency (25% phishing emails), medium frequency (50% phishing emails) and high frequency (75% phishing emails). Individual base susceptibility to phishing emails was measured in a pre-training phase in which 20% of the emails were phishing; this performance was then compared to a post-training phase in which participants aimed at detecting new rare phishing emails (20% were phishing emails). The Hit rates, False Alarm rates, sensitivities and response criterion were analyzed. Results revealed that participants receiving higher frequency of phishing emails had a higher hit rate but also higher false alarm rate at detecting phishing emails at post-training compared to participants encountering lower frequency levels during training. These results have implications for designing new training protocols for improving detection of phishing emails.