Featured Research

from universities, journals, and other organizations

Off the hook: Who gets phished and why

Date:
April 7, 2011
Source:
University at Buffalo
Summary:
Communication researchers have found that if you receive a lot of email, habitually respond to a good portion of it, maintain a lot of online relationships and conduct a large number of transactions online, you are more susceptible to email phishing expeditions than those who limit their online activity.

Communication researchers at four major universities have found that if you receive a lot of email, habitually respond to a good portion of it, maintain a lot of online relationships and conduct a large number of transactions online, you are more susceptible to email phishing expeditions than those who limit their online activity.

Related Articles


The study, "Why Do People Get Phished?" forthcoming in the journal, Decision Support Systems and Electronic Commerce, uses an integrated information processing model to test individual differences in vulnerability to phishing.

The study is particularly pertinent, given the rash of phishing expeditions that have become public of late, the most recent involving the online marketing firm Epsilon, whose database was breached last week by hackers, potentially affecting millions of banking and retail customers.

The authors are Arun "Vish" Vishwanath, PhD, associate professor in the UB Department of Communication, College of Arts and Sciences, and an expert in consumer behavior, specifically the diffusion and acceptance of information technology; H. Raghav Rao, PhD, SUNY Distinguished Service Professor in the UB Department of Management Science and Systems, School of Management, who conducts research on decision support systems, e-business, emergency response management systems and information assurance; Tejaswini Herath, PhD, Brock University (Ont., CA); Rui Chen, PhD, Ball State University, and Jingguo Wang, PhD, University of Texas, Arlington. Herath, Chen and Wang all earned degrees from UB.

Email "phishing" is a process that employs such techniques as using the names of credible businesses (American Express, eBay), government institutions (Internal Revenue Service, Department of Motor Vehicles), or current events (political donations, Beijing Olympic tickets, aiding Katrina victims) in conjunction with statements invoking fear, threat, excitement, or urgency, to persuade people to respond with personal and sensitive information like usernames, passwords and credit card details.

Phishing exploits what are generally accepted to be the poor current web security technologies, but Vishwanath says, "By way of prevention, we found that spam blockers are imperative to reduce the number of unnecessary emails individuals receive that could potentially clutter their information processing and judgment.

"At the other end," he says, "individuals need to be extra careful when utilizing a single email account to respond to all their emails. An effective strategy is to use different email accounts for different purposes. If one email address is used solely for banking and another is used solely for personal communication with family and friends, it will increase your attention to the details of the email and reduce the likelihood of chance deception because of clutter."

Vishwanath also advocates setting aside time to focus and respond to personal emails separately from work-related emails. For instance, setting aside a time each day for responding to personal banking emails gives you time to process them more clearly and consider their legitimacy before responding.

The integrated information processing model of phishing susceptibility presented in this study is grounded in prior research in information processing and interpersonal deception.

"We refined and validated our model using a sample of intended victims of an actual phishing attack," Vishwanath says.

Overall, their model explains close to fifty percent of the variance in individual phishing susceptibility.

"Our results indicate that people process most phishing emails peripherally and make decisions based on simple cues embedded in the email. Interestingly, urgency cues, i.e., threats and warnings, in the email stimulated increased information processing, short-circuiting the resources available for attending to other cues that could potentially help detect the deception.

"Our findings suggest that habitual patterns of media use combined with high levels of email load have a strong and significant influence on individuals' likelihood to be phished."

The study also showed that a person's competency with computing did not protect them from phishing scams, but their awareness about phishing in conjunction with healthy email habits, helped them avoid online deception.


Story Source:

The above story is based on materials provided by University at Buffalo. Note: Materials may be edited for content and length.


Journal Reference:

  1. Arun Vishwanath, Tejaswini Herath, Rui Chen, Jingguo Wang, H. Raghav Rao. Why do people get phished? Testing individual differences in phishing vulnerability within an integrated, information processing model. Decision Support Systems, 2011; DOI: 10.1016/j.dss.2011.03.002

Cite This Page:

University at Buffalo. "Off the hook: Who gets phished and why." ScienceDaily. ScienceDaily, 7 April 2011. <www.sciencedaily.com/releases/2011/04/110406151305.htm>.
University at Buffalo. (2011, April 7). Off the hook: Who gets phished and why. ScienceDaily. Retrieved March 2, 2015 from www.sciencedaily.com/releases/2011/04/110406151305.htm
University at Buffalo. "Off the hook: Who gets phished and why." ScienceDaily. www.sciencedaily.com/releases/2011/04/110406151305.htm (accessed March 2, 2015).

Share This


More From ScienceDaily



More Computers & Math News

Monday, March 2, 2015

Featured Research

from universities, journals, and other organizations


Featured Videos

from AP, Reuters, AFP, and other news services

HP to Buy Aruba Networks in $3B Deal

HP to Buy Aruba Networks in $3B Deal

Reuters - Business Video Online (Mar. 2, 2015) Hewlett-Packard is boosting its mobile computing business... buying California-based Aruba Networks- a wi-fi network gear maker for $24.67 per share. Leah Duncan reports. Video provided by Reuters
Powered by NewsLook.com
Can Curved Screen Give Samsung the Edge?

Can Curved Screen Give Samsung the Edge?

Reuters - Business Video Online (Mar. 2, 2015) South Korea&apos;s Samsung Electronics Co Ltd unveiled its latest Galaxy S smartphones, featuring a slim body made from aircraft-grade metal, in a bid to reclaim the throne of undisputed global smartphone leader from Apple Inc. Hayley Platt reports. Video provided by Reuters
Powered by NewsLook.com
Smartphone Giants Unveil Latest Models at Technology Show

Smartphone Giants Unveil Latest Models at Technology Show

AFP (Mar. 2, 2015) Mobile providers have been unveiling their upcoming models at the Mobile World Congress in Barcelona, showing off the latest in smartphone technology. Duration: 00:57 Video provided by AFP
Powered by NewsLook.com
Mobile World Looks to 5G

Mobile World Looks to 5G

Reuters - Business Video Online (Mar. 2, 2015) The wireless industry&apos;s annual conference gets underway in Barcelona with 85,000 executives taking part and numerous new smartphones and watches being launched. As Ivor Bennett reports from the show the race for 5G is one of the key themes. Video provided by Reuters
Powered by NewsLook.com

Search ScienceDaily

Number of stories in archives: 140,361

Find with keyword(s):
Enter a keyword or phrase to search ScienceDaily for related topics and research stories.

Save/Print:
Share:

Breaking News:

Strange & Offbeat Stories


Space & Time

Matter & Energy

Computers & Math

In Other News

... from NewsDaily.com

Science News

Health News

Environment News

Technology News



Save/Print:
Share:

Free Subscriptions


Get the latest science news with ScienceDaily's free email newsletters, updated daily and weekly. Or view hourly updated newsfeeds in your RSS reader:

Get Social & Mobile


Keep up to date with the latest news from ScienceDaily via social networks and mobile apps:

Have Feedback?


Tell us what you think of ScienceDaily -- we welcome both positive and negative comments. Have any problems using the site? Questions?
Mobile: iPhone Android Web
Follow: Facebook Twitter Google+
Subscribe: RSS Feeds Email Newsletters
Latest Headlines Health & Medicine Mind & Brain Space & Time Matter & Energy Computers & Math Plants & Animals Earth & Climate Fossils & Ruins