Paper Type
Completed Research Paper
Abstract
A victim of a phishing email could be subject to money loss and identity theft. This paper investigates the different types of phishing email victims, with the goal of increasing such victims’ defences. To obtain this kind of information, an experiment which involves sending a phishing email to university students is conducted. Quantitative and qualitative methods are also used to collect users’ information. A model for detecting deception has been employed to understand victims’ behaviour. The findings suggest that victims of phishing emails do not always exhibit the same vulnerability. The cause of being a victim is a result of three weaknesses in the detection process explained in this paper. Victims have to be prompted with suitable confirmation channels and risk-averse behaviour to reduce their susceptibility towards phishing emails. Organisations have to improve their communication channels with their users to reduce the number of victims.
Recommended Citation
Alseadoon, Ibrahim Mohammed; Othman, Mohd Fairuz Iskandar; Foo, Ernest; and Chan, Taizan, "Typology of phishing email victims based on their behavioural response" (2013). AMCIS 2013 Proceedings. 19.
https://aisel.aisnet.org/amcis2013/ISSecurity/GeneralPresentations/19
Typology of phishing email victims based on their behavioural response
A victim of a phishing email could be subject to money loss and identity theft. This paper investigates the different types of phishing email victims, with the goal of increasing such victims’ defences. To obtain this kind of information, an experiment which involves sending a phishing email to university students is conducted. Quantitative and qualitative methods are also used to collect users’ information. A model for detecting deception has been employed to understand victims’ behaviour. The findings suggest that victims of phishing emails do not always exhibit the same vulnerability. The cause of being a victim is a result of three weaknesses in the detection process explained in this paper. Victims have to be prompted with suitable confirmation channels and risk-averse behaviour to reduce their susceptibility towards phishing emails. Organisations have to improve their communication channels with their users to reduce the number of victims.