Predicting Phishing Victimization: Roles of Protective and Vulnerable Strategies and Decision-Making Styles
Workshop on Scalable Network Traffic Analytics
Phishing is a common vector for cybercrime and hacking. This research examines participants' personality styles (e.g. decision-making styles, self-control) and the likelihood of falling victim to phishing attacks. Over 300 participants completed an online survey assessing protective and vulnerable strategies, personality styles, trust in people, prior victimization from catphishing or identity theft, and demographics information. Unbeknownst to the participants, 2 to 4 weeks after completing the survey they received a phishing e-mail asking them to click on a link. Individuals with a stronger systematic decision-making style were more likely to have a greater number of protective strategies, and those with greater protective strategies were less likely to be a victim of catphishing and identity theft. Individuals with low avoidant decision-making styles and prior vulnerable strategies were more likely to be phished. These findings suggest that learning protective strategies and not using vulnerable strategies are insufficient to lower substantially the risk of being phished. Training might be improved through considering the match between decision-making styles and the content of the training.
Eric Chan-Tin, Loretta Stalans, Spencer Johnston, Daisy Reyes, and Shelia Kennison. 2022. Predicting Phishing Victimization: Roles of Protective and Vulnerable Strategies and Decision-Making Styles. In Fifth International Workshop on Systems and Network Telemetry and Analytics (SNTA '22). Association for Computing Machinery, New York, NY, USA, 35–42. https://doi.org/10.1145/3526064.3534107
Creative Commons License
This work is licensed under a Creative Commons Attribution-Noncommercial-No Derivative Works 3.0 License.