Digital Scholarship@UNLV

Title

Which phish get caught An exploratory study of individuals′ susceptibility to phishing

Authors

G D. Moody, University of Nevada, Las VegasFollow
D F. Galletta, University of Pittsburgh
B K. Dunn, Utah State UniversityFollow

Document Type

Article

Publication Date

1-1-2017

Publication Title

European Journal of Information Systems

Volume

26

Issue

6

First page number:

564

Last page number:

584

Abstract

Phishing, or the practice of sending deceptive electronic communications to acquire private information from victims, results in significant financial losses to individuals and businesses. The first goal of this study is to identify situational and personality factors that explain why certain individuals are susceptible to such attacks. The second goal is to test those empirically, along with previously identified factors, to explain the likelihood that an individual will fall victim to a phishing attack. We employed the Delphi method to identify seven personality factors that may influence this susceptibility (trust, distrust, curiosity, entertainment drive, boredom proneness, lack of focus, and risk propensity). Our regression model included these as well as variables examined in previous studies. We find that emails sent from a known source significantly increase user susceptibility to phishing, as does a user's curiosity, risk propensity, general Internet usage, and Internet anxiety. In post hoc tests, we also find that trust and distrust can be significant predictors of susceptibility and that this significance is dependent on the characteristics of the message. © 2017 The OR Society.

Language

english

Repository Citation

Moody, G. D., Galletta, D. F., Dunn, B. K. (2017). Which phish get caught An exploratory study of individuals′ susceptibility to phishing. European Journal of Information Systems, 26(6), 564-584.
http://dx.doi.org/10.1057/s41303-017-0058-x