A new approach to modelling the effects of cognitive processing and threat detection on phishing susceptibility

Musuva, Paula; Getao, K W; Chepken, Christopher

doi:10.1016/j.chb.2018.12.036

Cited by 33 publications

(13 citation statements)

References 30 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Sheng et al's study [8] found that participants with more knowledge and more experience from training are less susceptible to phishing. Similar work regarding the effect of knowledge on phishing susceptibility has been discussed in many other studies [36,27,10,15,13,29,39,33,38,55], and all confirmed that higher phishing related knowledge leads to higher phishing detection performance. Knowledge of other domains can also help users distinguish between legitimate and phishing emails [56].…”

Section: A Stage One: Long-term Stablesupporting

confidence: 80%

SoK: Human-Centered Phishing Susceptibility

Zhuo¹,

Biddle²,

Koh³

et al. 2022

Preprint

View full text Add to dashboard Cite

Phishing is recognised as a serious threat to organisations and individuals. While there have been significant technical advances in blocking phishing attacks, people remain the last line of defence after phishing emails reach their email client. Most of the existing literature on this subject has focused on the technical aspects related to phishing. However, the factors that cause humans to be susceptible to phishing attacks are still not well-understood. To fill this gap, we reviewed the available literature and we propose a three-stage Phishing Susceptibility Model (PSM) for explaining how humans are involved in phishing detection and prevention, and we systematically investigate the phishing susceptibility variables studied in the literature and taxonomize them using our model. This model reveals several research gaps that need to be addressed to improve users' detection performance. We also propose a practical impact assessment of the value of studying the phishing susceptibility variables, and quality of evidence criteria. These can serve as guidelines for future research to improve experiment design, result quality, and increase the reliability and generalizability of findings.

show abstract

Section: A Stage One: Long-term Stablesupporting

confidence: 80%

SoK: Human-Centered Phishing Susceptibility

Zhuo¹,

Biddle²,

Koh³

et al. 2022

Preprint

View full text Add to dashboard Cite

show abstract

“…Other scholars examined argument quality from a slightly different angle, such as measuring argument quality by examining whether the information is complete, consistent, accurate, or adequate ( Sussman & Siegal, 2003 ) or its relevance, timeliness, accuracy, and comprehensiveness ( Cheung et al, 2008 ). In this study, we argue that argument quality is the strength of arguments, which refers to the extent to which the argument is convincing or valid in refuting fake news and shows how well a refuting position is justified based on available evidence or a set of reasons ( Musuva et al, 2019 ).…”

Section: Research Model and Hypothesesmentioning

confidence: 99%

Factors influencing fake news rebuttal acceptance during the COVID-19 pandemic and the moderating effect of cognitive ability

Wang

Fan

et al. 2022

Computers in Human Behavior

View full text Add to dashboard Cite

Fake news is spreading rapidly on social media and poses a serious threat to the COVID-19 outbreak response. This study thus aims to reveal the factors influencing the acceptance of fake news rebuttals on Sina Weibo. Drawing on the elaboration likelihood model (ELM), we used text mining and the econometrics method to investigate the relationships among the central route (rebuttal's information readability and argument quality), peripheral route (rebuttal's source credibility, including authority and influence), and rebuttal acceptance, as well as the moderating effect of receiver's cognitive ability on these relationships. Our findings suggest that source authority had a negative effect on rebuttal acceptance, while source influence had a positive effect. Second, both information readability and argument quality had positive effects on rebuttal acceptance. In addition, individuals with low cognitive abilities relied more on source credibility and argument quality to accept rebuttals, while individuals with high cognitive abilities relied more on information readability. This study can provide decision support for practitioners to establish more effective fake news rebuttal strategies; it is especially valuable to reduce the negative impact of fake news related to major public health emergencies and safeguard the implementation of anti-epidemic strategies.

show abstract

“…Several models have been proposed to explain phishing susceptibility. They include individual factors (personality, perception, knowledge, motivation) and phishing email characteristics [27, 28]. The latter cannot be influenced by the (victim) organization and we therefore focus on the former.…”

Section: Conceptual Frameworkmentioning

confidence: 99%

“…Similar to an experience of an actual phishing email, a simulated phishing email may in this way increase risk perception and subsequently the level of systematic processing and the degree of suspicion applied to future emails. Knowledge, on the other hand, refers to the information the receiver has about the domain of the threat, the ways to detect it and the required actions [26, 28]. Information provision may increase knowledge about the prevalence of phishing attacks and the risks these pose.…”

Section: Conceptual Frameworkmentioning

confidence: 99%

Informing, simulating experience, or both: A field experiment on phishing risks

et al. 2019

View full text Add to dashboard Cite

Cybersecurity cannot be ensured with mere technical solutions. Hackers often use fraudulent emails to simply ask people for their password to breach into organizations. This technique, called phishing, is a major threat for many organizations. A typical prevention measure is to inform employees but is there a better way to reduce phishing risks? Experience and feedback have often been claimed to be effective in helping people make better decisions. In a large field experiment involving more than 10,000 employees of a Dutch ministry, we tested the effect of information provision, simulated experience, and their combination to reduce the risks of falling into a phishing attack. Both approaches substantially reduced the proportion of employees giving away their password. Combining both interventions did not have a larger impact.

show abstract

A new approach to modelling the effects of cognitive processing and threat detection on phishing susceptibility

Cited by 33 publications

References 30 publications

SoK: Human-Centered Phishing Susceptibility

SoK: Human-Centered Phishing Susceptibility

Factors influencing fake news rebuttal acceptance during the COVID-19 pandemic and the moderating effect of cognitive ability

Informing, simulating experience, or both: A field experiment on phishing risks

Contact Info

Product

Resources

About