Unrealistic Promises and Urgent Wording Differently Affect Suspicion of Phishing and Legitimate Emails

Abstract: Phishing emails have certain characteristics, including wording related to urgency and unrealistic promises (i.e., “too good to be true”), that attempt to lure victims. To test whether these characteristics affected users’ suspiciousness of emails, users participated in a phishing judgment task in which we manipulated 1) email type (legitimate, phishing), 2) consequence amount (small, medium, large), 3) consequence type (gain, loss), and 4) urgency (present, absent). We predicted users would be most suspicious… Show more

“…The second phase typically is done through social tactics, such as creating a social connection between the attacker and victim, to trick the users into revealing sensitive information (Tandale & Pawar, 2020). These social tactics may include unrealistic promises, such as winning $500 for responding back, and urgent wording, such as a limited-time offer, in the email (Tornblad et al, 2021; Yang et al, 2017). The last phase occurs if the victim falls for the phish and clicks on a spoofed website link or shares their personal information.…”

Phishing in Social Media: Investigating Training Techniques on Instagram Shop

“…The second phase typically is done through social tactics, such as creating a social connection between the attacker and victim, to trick the users into revealing sensitive information (Tandale & Pawar, 2020). These social tactics may include unrealistic promises, such as winning $500 for responding back, and urgent wording, such as a limited-time offer, in the email (Tornblad et al, 2021; Yang et al, 2017). The last phase occurs if the victim falls for the phish and clicks on a spoofed website link or shares their personal information.…”

Phishing in Social Media: Investigating Training Techniques on Instagram Shop