Paper Type
ERF
Abstract
Phishing remains a major cyber threat, exploiting human vulnerabilities despite advancements in automated detection. This study proposes an integrative model to predict phishing susceptibility by synthesizing findings from 70 prior studies and identifies 47 constructs across cognitive processing, personal traits, contextual factors, experiential attributes, influence techniques, and message characteristics. It bridges gaps in existing research by unifying fragmented literature findings and organizes the factors with taxonomy based on theories and conceptualizations. Future research aims to refine these constructs, eliminate redundancies, and test the model through empirical studies to enhance real-world anti-phishing solutions. The study contributes theoretically by advancing cybersecurity fields in IS research and practically by paving the way for organizations to develop next-generation anti-phishing systems.
Paper Number
2390
Recommended Citation
Luo, Yuxiao; Yazdanmehr, Adel; and Kumar, Nanda, "An Integrative Model of Phishing Susceptibility" (2025). AMCIS 2025 Proceedings. 11.
https://aisel.aisnet.org/amcis2025/sig_sec/sig_sec/11
An Integrative Model of Phishing Susceptibility
Phishing remains a major cyber threat, exploiting human vulnerabilities despite advancements in automated detection. This study proposes an integrative model to predict phishing susceptibility by synthesizing findings from 70 prior studies and identifies 47 constructs across cognitive processing, personal traits, contextual factors, experiential attributes, influence techniques, and message characteristics. It bridges gaps in existing research by unifying fragmented literature findings and organizes the factors with taxonomy based on theories and conceptualizations. Future research aims to refine these constructs, eliminate redundancies, and test the model through empirical studies to enhance real-world anti-phishing solutions. The study contributes theoretically by advancing cybersecurity fields in IS research and practically by paving the way for organizations to develop next-generation anti-phishing systems.
When commenting on articles, please be friendly, welcoming, respectful and abide by the AIS eLibrary Discussion Thread Code of Conduct posted here.
Comments
SIGSEC