“…The current study aimed to examine the role of, and potential interplay between, cue utilisation and cognitive reflection in email users' ability to accurately (and efficiently) differentiate between phishing and genuine emails. In doing so, this work directly extends upon existing phishing victimology frameworks that have established the role of cue utilisation (Nasser et al, 2020a(Nasser et al, , 2020bBayl-Smith et al, 2020) and factors relating to dual process information processing (Butavicius et al, 2016;Frauenstein & Flowerday, 2020;Harrison et al, 2016;Jones et al, 2019;Luo et al, 2013;Valecha et al, 2015;Vishwanath et al, 2011;Vishwanath et al, 2016;Vishwanath et al, 2018;Yan & Gozu, 2012;Zhang et al, 2012) in determining users' phishing susceptibility. Critically, clarifying the interplay between users' perceptual-cognitive skills and their existing preferences concerning information processing have implications to the future design of cyber security interventions such as education and training programs, and more broadly, to our understanding of the acquisition of skilled intuition and expertise in similar domains of judgement and decision-making.…”