Location

260-005, Owen G. Glenn Building

Start Date

12-15-2014

Description

Phishing threatens the information security of Internet users and corporations. Where most research focuses on the phisher’s website, i.e., how to determine if a website is legitimate, this study examines the email that begins the phishing process. To understand why Internet consumers respond to phisher’s emails by sharing sensitive information, we draw on models of e-commerce deception to explain the efficacy of phishing strategies. To test our hypotheses, we conducted a field experiment that manipulated the content of phishing emails. Consistent with our hypotheses, we found content manipulations improved the likelihood of our subjects’ conveying sensitive information. Further, we found that cognitive processes can influence a consumer’s likelihood of being deceived. However, hypotheses about deception support mechanisms and presentation manipulations were not supported. In sum, we find support for the general theory of ecommerce deception as well as our cognitive processing explanations for phishing’s effectiveness.

Share

COinS
 
Dec 15th, 12:00 AM

Extending Ecommerce Deception Theory to Phishing

260-005, Owen G. Glenn Building

Phishing threatens the information security of Internet users and corporations. Where most research focuses on the phisher’s website, i.e., how to determine if a website is legitimate, this study examines the email that begins the phishing process. To understand why Internet consumers respond to phisher’s emails by sharing sensitive information, we draw on models of e-commerce deception to explain the efficacy of phishing strategies. To test our hypotheses, we conducted a field experiment that manipulated the content of phishing emails. Consistent with our hypotheses, we found content manipulations improved the likelihood of our subjects’ conveying sensitive information. Further, we found that cognitive processes can influence a consumer’s likelihood of being deceived. However, hypotheses about deception support mechanisms and presentation manipulations were not supported. In sum, we find support for the general theory of ecommerce deception as well as our cognitive processing explanations for phishing’s effectiveness.