Spear phishing in organisations explained. (13th November 2017)
- Record Type:
- Journal Article
- Title:
- Spear phishing in organisations explained. (13th November 2017)
- Main Title:
- Spear phishing in organisations explained
- Authors:
- Bullee, Jan-Willem
Montoya, Lorena
Junger, Marianne
Hartel, Pieter - Abstract:
- Abstract : Purpose: The purpose of this study is to explore how the opening phrase of a phishing email influences the action taken by the recipient. Design/methodology/approach: Two types of phishing emails were sent to 593 employees, who were asked to provide personally identifiable information (PII). A personalised spear phishing email opening was randomly used in half of the emails. Findings: Nineteen per cent of the employees provided their PII in a general phishing email, compared to 29 per cent in the spear phishing condition. Employees having a high power distance cultural background were more likely to provide their PII, compared to those with a low one. There was no effect of age on providing the PII requested when the recipient's years of service within the organisation is taken into account. Practical implications: This research shows that success is higher when the opening sentence of a phishing email is personalised. The resulting model explains victimisation by phishing emails well, and it would allow practitioners to focus awareness campaigns to maximise their effect. Originality/value: The innovative aspect relates to explaining spear phishing using four socio-demographic variables.
- Is Part Of:
- Information and computer security. Volume 25:Number 5(2017)
- Journal:
- Information and computer security
- Issue:
- Volume 25:Number 5(2017)
- Issue Display:
- Volume 25, Issue 5 (2017)
- Year:
- 2017
- Volume:
- 25
- Issue:
- 5
- Issue Sort Value:
- 2017-0025-0005-0000
- Page Start:
- 593
- Page End:
- 613
- Publication Date:
- 2017-11-13
- Subjects:
- Gender -- Culture -- Age -- Spear phishing -- Years of service
Computer security -- Management -- Periodicals
Computer networks -- Security measures -- Periodicals
Data protection -- Management -- Periodicals
658.47 - Journal URLs:
- http://www.emeraldinsight.com/loi/ics ↗
http://www.emeraldinsight.com/ ↗ - DOI:
- 10.1108/ICS-03-2017-0009 ↗
- Languages:
- English
- ISSNs:
- 2056-4961
- Deposit Type:
- Legaldeposit
- View Content:
- Available online (eLD content is only available in our Reading Rooms) ↗
- Physical Locations:
- British Library DSC - 4481.796000
British Library DSC - BLDSS-3PM
British Library HMNTS - ELD Digital store - Ingest File:
- 9058.xml