SAFETYLIT WEEKLY UPDATE

We compile citations and summaries of about 400 new articles every week.
RSS Feed

HELP: Tutorials | FAQ
CONTACT US: Contact info

Search Results

Journal Article

Citation

Hakim ZM, Ebner NC, Oliveira DS, Getz SJ, Levin BE, Lin T, Lloyd K, Lai VT, Grilli MD, Wilson RC. Behav. Res. Methods 2021; 53(3): 1342-1352.

Copyright

(Copyright © 2021, Holtzbrinck Springer Nature Publishing Group)

DOI

10.3758/s13428-020-01495-0

PMID

33078362

PMCID

PMC8188181

Abstract

Phishing emails constitute a major problem, linked to fraud and exploitation as well as subsequent negative health outcomes including depression and suicide. Because of their sheer volume, and because phishing emails are designed to deceive, purely technological solutions can only go so far, leaving human judgment as the last line of defense. However, because it is difficult to phish people in the lab, little is known about the cognitive and neural mechanisms underlying phishing susceptibility. There is therefore a critical need to develop an ecologically valid lab-based measure of phishing susceptibility that will allow evaluation of the cognitive mechanisms involved in phishing detection. Here we present such a measure based on a task, the Phishing Email Suspicion Test (PEST), and a cognitive model to quantify behavior. In PEST, participants rate a series of phishing and non-phishing emails according to their level of suspicion. By comparing suspicion scores for each email to its real-world efficacy, we find initial support for the ecological validity of PEST - phishing emails that were more effective in the real world were more effective at deceiving people in the lab. In the proposed computational model, we quantify behavior in terms of participants' overall level of suspicion of emails, their ability to distinguish phishing from non-phishing emails, and the extent to which emails from the recent past bias their current decision. Together, our task and model provide a framework for studying the cognitive neuroscience of phishing detection.


Language: en

Keywords

Affect; Cognition; Computer Security; Cybersecurity; Decision making; Electronic Mail; Humans; Judgment; Phishing; Sequential effects

NEW SEARCH


All SafetyLit records are available for automatic download to Zotero & Mendeley
Print