Abstract

Cyber security training programs encourage users to report suspicious spear phishing emails, and most antiphishing software provide interfaces to assist in the reporting. Evidence, however, suggests that reporting is scarce. This research examined why this is the case. To this end, Social Cognitive Theory (SCT) was used to examine the influence of the triadic factors of perceived self-efficacy toward antiphishing behaviors, expected negative outcomes from reporting spear phishing emails, and cyber security self-monitoring, on individuals’ likelihood of reporting spear phishing emails. Based on recent research on phishing victims, the present study also incorporated cyber risk beliefs (CRBs) into the SCT framework. The model, tested using survey data (N = 386), revealed that the likelihood of reporting spear phishing emails is increased by perceived self-efficacy, expected negative outcomes, and cyber security self-monitoring. Furthermore, the CRBs directly influenced the three SCT factors and indirectly the individuals’ likelihood of reporting spear phishing emails. The findings add to our understanding of SCT and the science of cyber security.

Talk to us

Join us for a 30 min session where you can share your feedback and ask us any queries you have

Schedule a call

Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.