Why do some people manage phishing e‐mails better than others?
Abstract
Purpose
The purpose of this paper is to investigate the behaviour response of computer users when either phishing e‐mails or genuine e‐mails arrive in their inbox. The paper describes how this research was conducted and presents and discusses the findings.
Design/methodology/approach
This study was a scenario‐based role‐play experiment that involved the development of a web‐based questionnaire that was only accessible by invited participants when they attended a one‐hour, facilitated session in a computer laboratory.
Findings
The findings indicate that overall, genuine e‐mails were managed better than phishing e‐mails. However, informed participants managed phishing e‐mails better than not‐informed participants. Other findings show how familiarity with computers, cognitive impulsivity and personality traits affect behavioural responses to both types of e‐mail.
Research limitations/implications
This study does not claim to evaluate actual susceptibility to phishing emails. The subjects were University students and therefore the conclusions are not necessarily representative of the general population of e‐mail users.
Practical implications
The outcomes of this research would assist management in their endeavours to improve computer user behaviour and, as a result, help to mitigate risks to their organisational information systems.
Originality/value
The literature review indicates that this paper addresses a genuine gap in the research.
Keywords
Citation
Pattinson, M., Jerram, C., Parsons, K., McCormac, A. and Butavicius, M. (2012), "Why do some people manage phishing e‐mails better than others?", Information Management & Computer Security, Vol. 20 No. 1, pp. 18-28. https://doi.org/10.1108/09685221211219173
Publisher
:Emerald Group Publishing Limited
Copyright © 2012, Company