Phishing for the Truth: A Scenario-Based Experiment of Users’ Behavioural Response to Emails

Abstract : Using a role play scenario experiment, 117 participants were asked to manage 50 emails. To test whether the knowledge that participants are undertaking a phishing study impacts on their decisions, only half of the participants were informed that the study was assessing the ability to identify phishing emails. Results indicated that the participants who were informed that they were undertaking a phishing study were significantly better at correctly managing phishing emails and took longer to make decisions. This was not caused by a bias towards judging an email as a phishing attack, but instead, an increase in the ability to discriminate between phishing and real emails. Interestingly, participants who had formal training in information systems performed more poorly overall. Our results have implications for the interpretation of previous phishing studies, the design of future studies and for training and education campaigns, as it suggests that when people are primed about phishing risks, they adopt a more diligent screening approach to emails.
Type de document :
Communication dans un congrès
Lech J. Janczewski; Henry B. Wolfe; Sujeet Shenoi. 28th Security and Privacy Protection in Information Processing Systems (SEC), Jul 2013, Auckland, New Zealand. Springer, IFIP Advances in Information and Communication Technology, AICT-405, pp.366-378, 2013, Security and Privacy Protection in Information Processing Systems. 〈10.1007/978-3-642-39218-4_27〉
Liste complète des métadonnées

Littérature citée [20 références]  Voir  Masquer  Télécharger

https://hal.inria.fr/hal-01463838
Contributeur : Hal Ifip <>
Soumis le : jeudi 9 février 2017 - 17:24:13
Dernière modification le : jeudi 9 février 2017 - 17:37:19
Document(s) archivé(s) le : mercredi 10 mai 2017 - 14:46:28

Fichier

978-3-642-39218-4_27_Chapter.p...
Fichiers produits par l'(les) auteur(s)

Licence


Distributed under a Creative Commons Paternité 4.0 International License

Identifiants

Citation

Kathryn Parsons, Agata Mccormac, Malcolm Pattinson, Marcus Butavicius, Cate Jerram. Phishing for the Truth: A Scenario-Based Experiment of Users’ Behavioural Response to Emails. Lech J. Janczewski; Henry B. Wolfe; Sujeet Shenoi. 28th Security and Privacy Protection in Information Processing Systems (SEC), Jul 2013, Auckland, New Zealand. Springer, IFIP Advances in Information and Communication Technology, AICT-405, pp.366-378, 2013, Security and Privacy Protection in Information Processing Systems. 〈10.1007/978-3-642-39218-4_27〉. 〈hal-01463838〉

Partager

Métriques

Consultations de la notice

79

Téléchargements de fichiers

492