A Routine Activities Approach to Evidence-Based Risk Assessment: Findings From Two Simulated Phishing Attacks. (February 2023)
- Record Type:
- Journal Article
- Title:
- A Routine Activities Approach to Evidence-Based Risk Assessment: Findings From Two Simulated Phishing Attacks. (February 2023)
- Main Title:
- A Routine Activities Approach to Evidence-Based Risk Assessment: Findings From Two Simulated Phishing Attacks
- Authors:
- Maimon, David
Howell, C. Jordan
Perkins, Robert C.
Muniz, Caitlyn N.
Berenblum, Tamar - Abstract:
- To assess the efficacy of routine activity theory (RAT) for explaining phishing victimization and guide evidence-based policy, we launched two phishing attacks via a university Listserv ( N = 25, 875). The first email offered access to a pdf file; the second offered free concert tickets. Several interesting findings emerged demonstrating phishing victimization results from network users' routine behaviors. Students were significantly less likely to open the phishing email sharing a pdf but more likely to open the email offering free concert tickets. Moreover, students were mor e likely to click the malicious link embedded within the phishing email in both studies, often using mobile devices. Conversely, employees were more likely to click the link while connected to the university network, thus exposing the network to greater levels of risk. Finally, the email offering concert tickets was opened at a frequency more than double the email containing the pdf. Theoretical and policy implications are discussed.
- Is Part Of:
- Social science computer review. Volume 41:Number 1(2023)
- Journal:
- Social science computer review
- Issue:
- Volume 41:Number 1(2023)
- Issue Display:
- Volume 41, Issue 1 (2023)
- Year:
- 2023
- Volume:
- 41
- Issue:
- 1
- Issue Sort Value:
- 2023-0041-0001-0000
- Page Start:
- 286
- Page End:
- 304
- Publication Date:
- 2023-02
- Subjects:
- information security -- phishing -- risk assessment -- routine activity theory -- victimization
Social sciences -- Data processing -- Periodicals
Computers -- Social aspects -- Periodicals
Microcomputers -- Periodicals
Sciences sociales -- Informatique -- Périodiques
Micro-ordinateurs -- Périodiques
300.285 - Journal URLs:
- http://journals.sagepub.com/home/ssc ↗
http://ssc.sagepub.com/ ↗
http://www.sagepublications.com/ ↗
http://firstsearch.oclc.org ↗
http://firstsearch.oclc.org/journal=0894-4393;screen=info;ECOIP ↗ - DOI:
- 10.1177/08944393211046339 ↗
- Languages:
- English
- ISSNs:
- 0894-4393
- Deposit Type:
- Legaldeposit
- View Content:
- Available online (eLD content is only available in our Reading Rooms) ↗
- Physical Locations:
- British Library DSC - BLDSS-3PM
British Library HMNTS - ELD Digital store - Ingest File:
- 24576.xml