Breaching the Human Firewall: Social engineering in Phishing and Spear-Phishing Emails

May 28, 2016 Β· Declared Dead Β· πŸ› ACIS

πŸ‘» CAUSE OF DEATH: Ghosted
No code link whatsoever

"No code URL or promise found in abstract"

Evidence collected by the PWNC Scanner

Authors Marcus Butavicius, Kathryn Parsons, Malcolm Pattinson, Agata McCormac arXiv ID 1606.00887 Category cs.CY: Computers & Society Cross-listed cs.CR Citations 117 Venue ACIS Last Checked 4 months ago
Abstract
We examined the influence of three social engineering strategies on users' judgments of how safe it is to click on a link in an email. The three strategies examined were authority, scarcity and social proof, and the emails were either genuine, phishing or spear-phishing. Of the three strategies, the use of authority was the most effective strategy in convincing users that a link in an email was safe. When detecting phishing and spear-phishing emails, users performed the worst when the emails used the authority principle and performed best when social proof was present. Overall, users struggled to distinguish between genuine and spear-phishing emails. Finally, users who were less impulsive in making decisions generally were less likely to judge a link as safe in the fraudulent emails. Implications for education and training are discussed.
Community shame:
Not yet rated
Community Contributions

Found the code? Know the venue? Think something is wrong? Let us know!

πŸ“œ Similar Papers

In the same crypt β€” Computers & Society

R.I.P. πŸ‘» Ghosted

Green AI

Roy Schwartz, Jesse Dodge, ... (+2 more)

cs.CY πŸ› arXiv πŸ“š 1.5K cites 6 years ago

Died the same way β€” πŸ‘» Ghosted