DeepAI AI Chat
Log In Sign Up

Falling for Phishing: An Empirical Investigation into People's Email Response Behaviors

by   Asangi Jayatilaka, et al.

Despite the sophisticated phishing email detection systems, and training and awareness programs, humans continue to be tricked by phishing emails. In an attempt to understand why phishing email attacks still work, we have carried out an empirical study to investigate how people make response decisions while reading their emails. We used a "think aloud" method and follow-up interviews to collect data from 19 participants. The analysis of the collected data has enabled us to identify eleven factors that influence people's response decisions to both phishing and legitimate emails. Based on the identified factors, we discuss how people can be susceptible to phishing attacks due to the flaws in their decision-making processes. Furthermore, we propose design directions for developing a behavioral plugin for email clients that can be used to nudge people's secure behaviors enabling them to have a better response to phishing emails.


page 5

page 14


Arguing for Decisions: A Qualitative Model of Decision Making

We develop a qualitative model of decision making with two aims: to desc...

Visual Behaviors and Mobile Information Acquisition

It is common for people to engage in information acquisition tasks while...

Homophily and Incentive Effects in Use of Algorithms

As algorithmic tools increasingly aid experts in making consequential de...

Analyzing the Use of Camera Glasses in the Wild

Camera glasses enable people to capture point-of-view videos using a com...

How do people incorporate advice from artificial agents when making physical judgments?

How do people build up trust with artificial agents? Here, we study a ke...

Secure Estimation under Causative Attacks

This paper considers the problem of secure parameter estimation when the...

Somewhere Around That Number: An Interview Study of How Spreadsheet Users Manage Uncertainty

Spreadsheet users regularly deal with uncertainty in their data, for exa...