The present study investigated if users are complacent when interacting with phishing emails because they trust automated filters to remove any potential threats. Participants were asked to examine 50 email classifications made by a simulated email filter. Participants were either assigned a high or low reliability pseudo-filter that “classified” all of the emails as legitimate, resembling an email inbox, or all of the emails as not legitimate, resembling a spam folder. Participants who believed the filter operated at the instructed reliability were more likely to make email classifications that were consistent with their assigned filter, regardless of the emails’ true nature, and demonstrated poorer classification abilities when told their filter acted with higher reliability. These results suggest that some email users may be more vulnerable to phishing emails due to their over trust in automated filters, particularly when they believe the filter operates with high reliability.
Read full abstract