Bell, Elliot2024-05-172024-05-172022https://hdl.handle.net/2440/140847This item is only available electronically.Phishing emails are one of the most pervasive and costly threats to cybersecurity worldwide. To mitigate this risk, email users need to be able to accurately detect these fraudulent emails. Although many knowledge-based training programs improve detection, a considerable proportion of users still fail to identify phishing emails after training. As such, there needs to be a greater understanding of the factors which may enhance discrimination between genuine and phishing emails. While the role of cognitive factors has previously been examined, few studies have made the important distinction between detection and discrimination when investigating knowledge, cue utilisation and decision styles. An age-stratified sample of Australian residents (N = 144) completed an online phishing email detection task, and measures of objective phishing email knowledge, cue utilisation, and intuitive and rational decision styles. While both higher knowledge and cue utilisation were associated with greater detection of phishing emails, only cue utilisation was associated with a greater capacity for discrimination between genuine and phishing emails. Knowledge was instead associated with greater caution. An intuitive style was associated with poorer detection of phishing emails, with no relationship found between a rational style and detection performance. Overall, these findings suggest that increasing knowledge may not be sufficient to provide users with the ability to discriminate between genuine and phishing emails. Increasing cue utilisation, in addition to knowledge, may be a more effective approach. Practically, the present study provides evidence that users within broader society may benefit from cue-based training to enhance phishing email detection. Keywords: Phishing email detection, cue utilisation, knowledge, decision styles, discriminationHonours; PsychologyThesis