Evaluating user susceptibility to phishing attacks. (5th January 2022)
- Record Type:
- Journal Article
- Title:
- Evaluating user susceptibility to phishing attacks. (5th January 2022)
- Main Title:
- Evaluating user susceptibility to phishing attacks
- Authors:
- Das, Sanchari
Nippert-Eng, Christena
Camp, L. Jean
- Abstract:
- Purpose: Phishing is a well-known cybersecurity attack that has rapidly increased in recent years. It poses risks to businesses, government agencies and all users due to sensitive data breaches and subsequent financial losses. To study the user side, this paper aims to conduct a literature review and user study. Design/methodology/approach: To investigate phishing attacks, the authors provide a detailed overview of previous research on phishing techniques by conducting a systematic literature review of n = 367 peer-reviewed academic papers published in ACM Digital Library. Also, the authors report on an evaluation of a high school community. The authors engaged 57 high school students and faculty members (12 high school students, 45 staff members) as participants in research using signal detection theory (SDT). Findings: Through the literature review which goes back to as early as 2004, the authors found that only 13.9% of papers focused on user studies. In the user study, through scenario-based analysis, participants were tasked with distinguishing phishing e-mails from authentic e-mails. The results revealed an overconfidence bias in self-detection from the participants, regardless of their technical background. Originality/value: The authors conducted a literature review with a focus on user study which is a first in this field as far as the authors know. Additionally, the authors conducted a detailed user study with high school students and faculty using SDT which is also an understudied area and population.
- Is Part Of:
- Information and computer security. Volume 30:Number 1(2022)
- Journal:
- Information and computer security
- Issue:
- Volume 30:Number 1(2022)
- Issue Display:
- Volume 30, Issue 1 (2022)
- Year:
- 2022
- Volume:
- 30
- Issue:
- 1
- Issue Sort Value:
- 2022-0030-0001-0000
- Page Start:
- 1
- Page End:
- 18
- Publication Date:
- 2022-01-05
- Subjects:
- Phishing -- Spear phishing -- High school -- User study -- Usable security -- Authentication -- Literature review -- Information security -- Computer security -- Security -- Computer users -- Data security -- Internet security
Computer security -- Management -- Periodicals
Computer networks -- Security measures -- Periodicals
Data protection -- Management -- Periodicals
658.47
- Journal URLs:
- http://www.emeraldinsight.com/loi/ics
http://www.emeraldinsight.com/
- DOI:
- 10.1108/ICS-12-2020-0204
- Languages:
- English
- ISSNs:
- 2056-4961
- Deposit Type:
- Legaldeposit
- View Content:
- Available online (eLD content is only available in our Reading Rooms)
- Physical Locations:
- British Library DSC - 4481.796000
British Library DSC - BLDSS-3PM
British Library HMNTS - ELD Digital store
- Ingest File:
- 25247.xml