Phishing attacks are one of the most prevalent cybersecurity threats to modern organizations. As a result, researchers and practitioners alike have pooled their strengths to understand who is most at risk of falling for phishing attacks. Since recent work calls for consideration of discrete context dimensions when examining phishing susceptibility, we use cluster analysis in conjunction with a large-scale phishing experiment to identify and scrutinize highly deceivable employees across three continents based on contextual influencing factors. The results reveal salient similarities between employee groups in Europe, Australia, and North America. Consequently, our findings underscore the importance of classifying employees based on discrete contextual characteristics impacting their phishing susceptibility. Furthermore, the identified clusters have important implications for policymakers, awareness programs, and anti-phishing interventions, as they allow to better target individuals based on contextual attributes.
Frank, Muriel; Wagner, Niklas; and Ranft, Lukas Manuel, "Who gets phished? Insights from a Contextual Clustering Analysis Across Three Continents" (2022). ECIS 2022 Research Papers. 75.
When commenting on articles, please be friendly, welcoming, respectful and abide by the AIS eLibrary Discussion Thread Code of Conduct posted here.