Abstract
Phishing causes significant economic damage and erodes consumer trust in business communication. To better filter phishing emails, researchers have paid a substantial amount of attention to the characteristics of phishing emails. This study focused on the effects of recipient information and urgency cues on phishing detection. A total of 518 participants performed role-playing tasks in which they needed to discriminate legitimate emails and phishing emails. The results showed that the main effects of urgency cues and recipient information were significant. Under the condition of time constraints, the likelihood of replying to the phishing emails increased, and the likelihood of searching for the relevant information decreased. When recipient information was added to the phishing emails, the likelihood of replying to the phishing emails decreased, and the likelihood of deleting the phishing emails and searching the for relevant information increased. Meanwhile, the interaction effect of recipient information and time pressure was also significant. When recipient information was added to the phishing emails, the urgency cues had a significant negative effect on the detection behaviors. Under the condition of time constraints and recipient information addition, the likelihood of replying to the phishing emails increased, and the likelihood of deleting the phishing emails and searching for the relevant information decreased. These findings showed that phishing email characteristics strongly affect phishing susceptibility. A sense of urgency resulted in stress and impulsive behavior, and thus, the participants preferred quickly respond and perform less research. By exploring the mechanism underlying phishing processing, this study deepens the understanding of detecting deception and motivates more effective strategies or assistance systems to protect individuals from online fraud.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Anti-Phishing Working Group. https://apwg.org/trendsreports/. Accessed 4 Nov 2019
Lim, V.K.G., Teo, T.S.H.: Prevalence, perceived seriousness, justification and regulation of cyberloafing in Singapore: an exploratory study. Inf. Manag. 42(8), 1081–1093 (2005)
Nicholson, J., Coventry, L., Briggs, P.: Can we fight social engineering attacks by social means? Assessing social salience as a means to improve phish detection. In: 13th Symposium on Usable Privacy and Security, pp. 285–298. USENIX, Santa Clara (2017)
Ferguson, A.J.: Fostering e-mail security awareness: the west point carronade. Educause Q. 28(1), 54–57 (2005)
Vishwanath, A., Harrison, B., Ng, Y.J.: Suspicion, cognition, and automaticity model of phishing susceptibility. Commun. Res. 45(8), 1146–1166 (2018)
Hong, J.: The state of phishing attacks. Commun. ACM 55(1), 74–81 (2012)
Jagatic, T.N., Johnson, N.A., Jakobsson, M., Menczer, F.: Social phishing. Commun. ACM 50(10), 94–100 (2007)
Holm, H., Flores, W.R., Nohlberg, M., Ekstedt, M.: An empirical investigation of the effect of recipient information in phishing attacks. In: 18th International Enterprise Distributed Object Computing Conference Workshops and Demonstrations, Ulm, Germany, pp. 357–363. IEEE (2014)
Bullee, J., Montoya, L., Junger, M., Hartel, P.: Spear phishing in organisations explained. Inf. Comput. Secur. 25(5), 593–613 (2017)
Wright, R.T., Marett, K., Thatcher, J.B.: Extending ecommerce deception to phishing. In: 35th International Conference on Information Systems, pp. 1–16. AIS eLibrary, Auckland (2014)
Vishwanath, A., Herath, T., Chen, R., Wang, J., Rao, H.R.: Why do people get phished? Testing individual differences in phishing vulnerability within an integrated, information processing model. Decis. Support Syst. 51(3), 576–586 (2011)
Ordonez, L., Benson III, L.: Decisions under time pressure: how time constraint affects risky decision making. Organ. Behav. Hum. Decis. Process. 71(2), 121–140 (1997)
Rothstein, H.G.: The effects of time pressure on judgement in multiple cue probability learning. Organ. Behav. Hum. Decis. Process. 37(1), 83–92 (1986)
Wang, J., Herath, T., Chen, R., Vishwanath, A., Rao, H.R.: Research article phishing susceptibility: an investigation into the processing of a targeted spear phishing email. IEEE Trans. Prof. Commun. 55(4), 345–362 (2012)
Sheng, S., Holbrook, M., Kumaraguru, P., Cranor, L.F., Downs, J.: Who falls for phish?: a demographic analysis of phishing susceptibility and effectiveness of interventions. In: The SIGCHI Conference on Human Factors in Computing Systems, Georgia, USA, pp. 373–382. ACM (2010)
Shah, D.V., Kwak, N., Schmierbach, M., Zubric, J.: The interplay of news frames on cognitive complexity. Hum. Commun. Res. 30(1), 102–120 (2004)
Author information
Authors and Affiliations
Corresponding authors
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2020 Springer Nature Switzerland AG
About this paper
Cite this paper
Cui, X., Ge, Y., Qu, W., Zhang, K. (2020). Effects of Recipient Information and Urgency Cues on Phishing Detection. In: Stephanidis, C., Antona, M. (eds) HCI International 2020 - Posters. HCII 2020. Communications in Computer and Information Science, vol 1226. Springer, Cham. https://doi.org/10.1007/978-3-030-50732-9_67
Download citation
DOI: https://doi.org/10.1007/978-3-030-50732-9_67
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-50731-2
Online ISBN: 978-3-030-50732-9
eBook Packages: Computer ScienceComputer Science (R0)