Sarno DM, Neider MB. So Many Phish, So Little Time: Exploring Email Task Factors and Phishing Susceptibility.
HUMAN FACTORS 2022; 64:1379-1403. [PMID: 33835881 DOI: 10.1177/0018720821999174]
[Indexed: 06/12/2023]
Abstract
OBJECTIVE
The present studies examine how task factors (e.g., email load, phishing prevalence) influence email performance.
BACKGROUND
Phishing emails are a paramount cybersecurity threat for the modern email user. Research attempting to understand how users are susceptible to phishing attacks has been limited and has not fully explored how task factors (e.g., prevalence, email load) influence accurate detection.
METHOD
In three experiments, participants classified emails as either legitimate or not legitimate and reported on a variety of other categorizations. The first two experiments examined how email load and phishing prevalence influence phishing detection independently. The third experiment examined the interaction of these two factors to determine whether they have compounding effects. All three experiments utilized individual difference variables to examine how cognitive, behavioral, and personality factors may influence classifications.
RESULTS
Experiment 1 suggests that high email load can make the task appear more challenging. Experiment 2 indicates that low phishing prevalence can decrease sensitivity for phishing emails. Experiment 3 demonstrates that high levels of email load can decrease classification accuracy under 50/50 prevalence rates. Notably, performance was poor across all experiments, with phishing detection near chance levels and low discriminability for emails. Participants demonstrated poor metacognition with overconfidence, low self-reported difficulty, and low perceived threat for the emails.
CONCLUSION
Overall, the present studies suggest that high email load and low phishing prevalence can influence email classifications.
APPLICATION
Organizations and researchers should consider the influences of both email load and phishing prevalence when implementing phishing interventions.