Predicting Phishing Victimization: Roles of Protective and Vulnerable Strategies and Decision-Making Styles

Document Type

Conference Proceeding

Publication Date


Publication Title

Workshop on Scalable Network Traffic Analytics



Publisher Name



Phishing is a common vector for cybercrime and hacking. This research examines participants' personality styles (e.g. decision-making styles, self-control) and the likelihood of falling victim to phishing attacks. Over 300 participants completed an online survey assessing protective and vulnerable strategies, personality styles, trust in people, prior victimization from catphishing or identity theft, and demographics information. Unbeknownst to the participants, 2 to 4 weeks after completing the survey they received a phishing e-mail asking them to click on a link. Individuals with a stronger systematic decision-making style were more likely to have a greater number of protective strategies, and those with greater protective strategies were less likely to be a victim of catphishing and identity theft. Individuals with low avoidant decision-making styles and prior vulnerable strategies were more likely to be phished. These findings suggest that learning protective strategies and not using vulnerable strategies are insufficient to lower substantially the risk of being phished. Training might be improved through considering the match between decision-making styles and the content of the training.


Creative Commons License

Creative Commons Attribution-Noncommercial-No Derivative Works 3.0 License
This work is licensed under a Creative Commons Attribution-Noncommercial-No Derivative Works 3.0 License.