The design of phishing studies: Challenges for researchers. Issue 52 (July 2015)
- Record Type:
- Journal Article
- Title:
- The design of phishing studies: Challenges for researchers. Issue 52 (July 2015)
- Main Title:
- The design of phishing studies: Challenges for researchers
- Authors:
- Parsons, Kathryn
McCormac, Agata
Pattinson, Malcolm
Butavicius, Marcus
Jerram, Cate - Abstract:
- Abstract: In this paper, a role play scenario experiment of people's ability to differentiate between phishing and genuine emails demonstrated limitations in the generalisability of phishing studies. This involves issues around the priming of participants and the diversity of emails used. Only half of our 117 participants were explicitly informed that the study was assessing the ability to identify phishing emails. Results indicate that the informed participants were significantly better at discriminating between phishing and genuine emails than the uninformed participants. This has implications for the interpretation of phishing studies. Specifically, studies where participants are directly asked to identify phishing emails may not represent the performance of real world users, because people are rarely reminded about the risks of phishing emails in real life. Our study also used emails from a larger number and greater diversity of industries than previous phishing studies. Results indicate that participants' performance differs greatly in terms of category (e.g., type of sender) of emails. This demonstrates that caution should be used when interpreting the results of phishing studies that rely on only a small number of emails and/or emails of limited diversity. Hence, when designing and interpreting phishing studies, researchers should carefully consider the instructions provided to participants and the types of emails used.
- Is Part Of:
- Computers & security. Issue 52(2015)
- Journal:
- Computers & security
- Issue:
- Issue 52(2015)
- Issue Display:
- Volume 52, Issue 52 (2015)
- Year:
- 2015
- Volume:
- 52
- Issue:
- 52
- Issue Sort Value:
- 2015-0052-0052-0000
- Page Start:
- 194
- Page End:
- 206
- Publication Date:
- 2015-07
- Subjects:
- Phishing -- Information security -- Security behaviours -- Email security -- Security training
Computer security -- Periodicals
Electronic data processing departments -- Security measures -- Periodicals
005.805 - Journal URLs:
- http://www.sciencedirect.com/science/journal/01674048 ↗
http://www.elsevier.com/journals ↗ - DOI:
- 10.1016/j.cose.2015.02.008 ↗
- Languages:
- English
- ISSNs:
- 0167-4048
- Deposit Type:
- Legaldeposit
- View Content:
- Available online (eLD content is only available in our Reading Rooms) ↗
- Physical Locations:
- British Library DSC - 3394.781000
British Library DSC - BLDSS-3PM
British Library HMNTS - ELD Digital store - Ingest File:
- 6129.xml