• Aucun résultat trouvé

Effects of email users' behaviour and demographics on respond to each step of a phishing attack

N/A
N/A
Info
Télécharger
Protected

Academic year: 2022

Partager "Effects of email users' behaviour and demographics on respond to each step of a phishing attack"

Copied!
1
0
0

Chargement.... (Voir le texte intégral maintenant)

Texte intégral

(1)

Abstract—

Phishing is a process in which attackers send emails to Internet users and try to convince them to click on a link to steal their sensitive information or open an attachment to compromise their account, computer, organisation systems, etc. Users' behaviour, such as their risk-taking preference and decision-making style, can influence a phishing attempt's success. However, studies did not profoundly investigate the effects of the behaviours on each step of a phishing process (e.g., opening the email, clicking on the link, and submitting sensitive information on the phishing webpage). This study demonstrated the effects of risk-taking level and decision-making style, gender, age, and education level on the users' respond to each selected step of a phishing attempt.

In this real-world study, we measured the behaviours of 135 participants from academia using psychological scales and tests. We then tested their phishability level by sending them simulated phishing emails. The regression analysis results showed that the general risk- taking preference and gender of the users could predict their phishability in the second step, i.e., clicking on the phishing link (p<0.05). We could not find any significant relation between their decision-making style and other demographic factors with the users' phishability level in the second step of the phishing. We also could not find any relations between the measured behaviours, age, gender, and education level of the users and their phishability level in the first and second steps (i.e., opening the phishing email and submitting sensitive data to the phishing website).

The results of this study can help us develop proper mitigation actions to minimise phishing success in different steps. Organisations can use this approach to identify risky users and focus on decreasing their phishability level, for instance by providing more training to them or changing the behaviour (if possible). The developed model can be used as a comprehensive framework to investigate other behaviours’ effects in each step of phishing.

Keywords—

Cyber security, Phishing, Human behaviour, Individual differences, Online scams.

Hossein Abroshan is with the Ghent University (e-mail:

[email protected]).

Jan Devos is with Ghent University (e-mail:

[email protected]@ugent.be).

Geert Poels is with the Ghent University (e-mail: [email protected]).

Eric Laermans is with the Ghent University (e-mail:

[email protected]).

Hossein Abroshan, Jan Devos, Geert Poels, Eric Laermans

Effects of email users' behaviour and demographics on respond to each step of a phishing attack

Références

Télécharger maintenant ( PDF - 1 Page - 116.23 KB )

Documents relatifs

A solution to minimise the success of phishing attempts using the effects of human behaviour and emotions on falling into a phishing scam

Furthermore, specific situations, such as the pandemic, is also considered in the solution- that is, when a situation like the COVID-19 pandemic happens, the solution will

The Effects of Subliminal Stimulation on Drive Level and Brand Preference

The major purposes of this experiment were to: (1) determine whether subjective thirst ratings could be in- fluenced by a subliminal stimulus as predicted by the theory; (2) compare

Cognition and Education in High-level Performance in Sport: New Frameworks of Thinking to Understand the Activity and the Education of High¬level Professionals in Sport?

Chaque acteur sportif enrichit ses « connaissances » à travers des échanges permanents avec ses pairs dans sa discipline (sans naïveté cependant au regard des phénomènes

View of Davidson and Skepticism: How not to Respond to the Skeptic

In other words, by connecting the cause of a belief with the object of that belief, Davidson is in a position to challenge those forms of skepticism that presuppose that we may

Crowdsourcing to Mobile Users: A Study of the Role of Platforms and Tasks

Results of a user study hint that: some crowd- sourcing platforms seem more adequate to mobile devices than others; some inadequacy issues seem rather superficial and can be resolved

Strategic Behavior between a Bank and a Microfinance Institution: The Role of Psychological Distance and Education Level

Starting from his model, this study shows that in the competition between a bank and a microfinance institution (MFI), geographical distance and transportation

Identifying the Most Critical Trajectory of the Spread of a Social Engineering Attack between Two Users

Thus, the task of search for the most critical paths of multiple-phase social engineering attack from User i to User j comes down to the issue of sticking to the

The Demographics of Cool: Popularity and Recommender Performance for Different Groups of Users

To the well-known problems of popularity bias [2] and misclassified decoys [3, 5] (a good item recommendation counted as a error given that the user has yet to interact with the item