The Role of Cue Utilization and Cognitive Load in the Recognition of Phishing Emails

Nasser, George; Morrison, Ben; Bayl-Smith, Piers; Taib, Ronnie; Gayed, Michael; Wiggins, Mark W.

doi:10.3389/fdata.2020.546860

Cited by 12 publications

(7 citation statements)

References 44 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The current study aimed to examine the role of, and potential interplay between, cue utilisation and cognitive reflection in email users' ability to accurately (and efficiently) differentiate between phishing and genuine emails. In doing so, this work directly extends upon existing phishing victimology frameworks that have established the role of cue utilisation (Nasser et al, 2020a(Nasser et al, , 2020bBayl-Smith et al, 2020) and factors relating to dual process information processing (Butavicius et al, 2016;Frauenstein & Flowerday, 2020;Harrison et al, 2016;Jones et al, 2019;Luo et al, 2013;Valecha et al, 2015;Vishwanath et al, 2011;Vishwanath et al, 2016;Vishwanath et al, 2018;Yan & Gozu, 2012;Zhang et al, 2012) in determining users' phishing susceptibility. Critically, clarifying the interplay between users' perceptual-cognitive skills and their existing preferences concerning information processing have implications to the future design of cyber security interventions such as education and training programs, and more broadly, to our understanding of the acquisition of skilled intuition and expertise in similar domains of judgement and decision-making.…”

Section: Introductionmentioning

confidence: 78%

“…Finally, despite previous work differentiating levels of performance based on phishing cue utilisation (Nasser et al, 2020b), and others eliciting a set of 'correct' phishing cues , differences in the types of cues used across high and low cue users are yet to be captured. This has largely been attributed to limitations in previous designs (e.g., asking participants to recognise the features they use from a pre-defined list; Nasser et al, 2020b).…”

Section: Study Aimsmentioning

confidence: 99%

“…The study aimed to examine the role of, and potential interplay between, cue utilisation and cognitive reflection in email users' ability to accurately (and efficiently) differentiate between phishing and genuine emails. As in Bayl-Smith et al (2020), andNasser et al (2020a;2020b), EXPERTise 2.0 was used to gauge participants' level of phishing cueutilisation. Consistent with their findings we expected that those participants with higher levels of cue utilisation would demonstrate superior performance on a phishing diagnosis task compared to those with lower levels of cue utilisation, but that, based on the theorised relationship between greater cognitive reflection and the development of skilled cue utilisation (Kahneman & Klein, 2009), this relationship would also be moderated by users' cognitive reflection tendencies.…”

Section: Study Aimsmentioning

confidence: 99%

See 2 more Smart Citations

Errors, Irregularities, and Misdirection: Cue Utilisation and Cognitive Reflection in the Diagnosis of Phishing Emails

Ackerley¹,

Morrison

Ingrey³

et al. 2022

AJIS

View full text Add to dashboard Cite

The study aimed to examine the role of, and potential interplay between, cue utilisation and cognitive reflection in email users’ ability to accurately (and efficiently) differentiate between phishing and genuine emails. 145 participants completed the Cognitive Reflection Test (CRT), a phishing diagnostic task, and the Expert Intensive Skill Evaluation (EXPERTise 2.0) battery, which provided a gauge of users’ cue utilisation in the domain. The results revealed an interaction between users’ cognitive utilisation and cue reflection, whereby users low in both facets performed significantly worse in diagnosing phishing emails than all other groups. Further, those participants with both higher cue utilisation and cognitive reflection took significantly longer to make their diagnosis. It is concluded that a high level of cognitive reflection was able to compensate for a lower level of cue utilisation, and vice versa. Participants reported using seven types of cue during diagnosis, however, there was no significant relationship between the types of cues used and users’ level of cue utilisation. Taken together, the findings have implications to the design of user-level interventions in relation to the identification of vulnerable users, as well as the need to consider training approaches that extend beyond the use of simple cue inventories.

show abstract

Section: Introductionmentioning

confidence: 78%

Section: Study Aimsmentioning

confidence: 99%

Section: Study Aimsmentioning

confidence: 99%

See 1 more Smart Citation

Errors, Irregularities, and Misdirection: Cue Utilisation and Cognitive Reflection in the Diagnosis of Phishing Emails

Ackerley¹,

Morrison

Ingrey³

et al. 2022

AJIS

View full text Add to dashboard Cite

show abstract

“…Healthcare staff can fall victim to phishing attacks due to the nature of their work. They are often occupied with a heavy workload due to the high patients-to-staff ratio and their work is sometimes characterized by emergency situations, thereby increasing their cognitive load [70]. Additionally, healthcare workers may have poor information security knowledge and training and poor perception, possibly causing them to undermine better cyber security hygiene in phishing attacks [71].…”

Section: Discussionmentioning

confidence: 99%

Investigation into Phishing Risk Behaviour among Healthcare Staff

et al. 2022

View full text Add to dashboard Cite

A phishing attack is one of the less complicated ways to circumvent sophisticated technical security measures. It is often used to exploit psychological (as as well as other) factors of human users to succeed in social engineering attacks including ransomware. Guided by the state-of-the-arts in a phishing simulation study in healthcare and after deeply assessing the ethical dilemmas, an SMSbased phishing simulation was conducted among healthcare workers in Ghana. The study adopted an in-the-wild study approach alongside quantitative and qualitative surveys. From the state-of-the art studies, the in-the-wild study approach was the most commonly used method as compared to laboratory-based experiments and statistical surveys because its findings are generally reliable and effective. The attack results also showed that 61% of the targeted healthcare staff were susceptible, and some of the healthcare staff were not victims of the attack because they prioritized patient care and were not susceptible to the simulated phishing attack. Through structural equation modelling, the workload was estimated to have a significant effect on self-efficacy risk (r = 0.5, p-value = 0.05) and work emergency predicted a perceived barrier in the reverse direction at a substantial level of r = −0.46, p-value = 0.00. Additionally, Pearson’s correlation showed that the perceived barrier was a predictor of self-reported security behaviour in phishing attacks among healthcare staff. As a result, various suggestions including an extra workload balancing layer of security controls in emergency departments and better security training were suggested to enhance staff’s conscious care behaviour.

show abstract

“…These systems give individuals another platform for interaction, networking, knowledge, and information sharing through messaging, voice, photos, videos, and more. The use of these platforms has increased considerably in organisations during and post-pandemic periods [2], [80],…”

Section: Making Use Of Other Communication Platformsmentioning

confidence: 99%

“It may take ages”: Understanding Human-Centred Lateral Phishing Attack Detection in Organisations

Chitare,

Coventry,

Nicholson

2023

Proceedings of the 2023 European Symposium on Usable Security

View full text Add to dashboard Cite

Lateral phishing attacks can be devastating for users and organisational IT teams as these originate from legitimate, but compromised, email accounts that benefit from the implicit trust between sender and recipients. In this paper, we begin to explore the human-centred space of lateral phishing attacks through interviews with 5 security practitioners and 17 employees from the UK and India. We report how security practitioners predominantly rely on employees to alert them to compromised accounts, and how this can create a delay during which the attack can continue. Our interviews with employees, on the other hand, found that individuals may not be reliable; they struggled to detect slight changes to messages, and over-relied on markers that cannot identify lateral attacks. We discuss the symbiotic relationship between security practitioners and employees for combatting lateral phishing attacks within organisations, and present recommendations for improving resistance to these attacks.CCS CONCEPTS • Security and privacy ~ Human and societal aspects of security and privacy ~ Social aspects of security and privacy

show abstract

The Role of Cue Utilization and Cognitive Load in the Recognition of Phishing Emails

Cited by 12 publications

References 44 publications

Errors, Irregularities, and Misdirection: Cue Utilisation and Cognitive Reflection in the Diagnosis of Phishing Emails

Errors, Irregularities, and Misdirection: Cue Utilisation and Cognitive Reflection in the Diagnosis of Phishing Emails

Investigation into Phishing Risk Behaviour among Healthcare Staff

“It may take ages”: Understanding Human-Centred Lateral Phishing Attack Detection in Organisations

Contact Info

Product

Resources

About