The roles of phishing knowledge, cue utilization, and decision styles in phishing email detection
Files
(Published version)
Date
2024
Authors
Sturman, D.
Bell, E.A.
Auton, J.C.
Breakey, G.R.
Wiggins, M.W.
Editors
Advisors
Journal Title
Journal ISSN
Volume Title
Type:
Journal article
Citation
Applied Ergonomics, 2024; 119:104309-1-104309-11
Statement of Responsibility
Daniel Sturman, Elliot A. Bell, Jaime C. Auton, Georgia R. Breakey, Mark W. Wiggins
Conference Name
Abstract
This study investigated the roles of phishing knowledge, cue utilization, and decision styles in contributing to phishing email detection. Participants (N = 145) completed an online email sorting task, and measures of phishing knowledge, email decision styles, cue utilization, and email security awareness. Cue utilization was the only factor that uniquely predicted the capacity to discriminate phishing from genuine emails. Phishing knowledge was associated with greater phishing detection and a bias towards classifying all emails as phishing. A preference for intuitive decision making predicted lower detection of phishing emails, driven by a greater tendency to classify emails as genuine. These findings support the proposition that cue utilization is a distinct cognitive process that enables expert performance. The outcomes indicate that, in addition to increasing phishing knowledge and developing safe behavioral patterns, anti-phishing training needs to provide opportunities for trainees to develop meaningful cue associations.
School/Discipline
Dissertation Note
Provenance
Description
Available online 9 May 2024
Access Status
Rights
© 2024 The Authors. Published by Elsevier Ltd. This is an open access article under the CC BY license (http://creativecommons.org/licenses/by/4.0/).