Location
Huntsville (Ala.)
Start Date
6-7-2017
Presentation Type
Paper
Description
A user study was designed to understand user security behavior when processing phishing emails. Previous research suggests that people are victimized by phishing emails due to a lack of awareness and the adverse effects of time pressure and distraction on information processing. We looked deeper to explore which phishing indicators users overlook more often than others, and whether applying interventions that emphasize such phishing tells and awarding incentives for good performance improve accuracy and influence task completion time. More specifically, 20 participants of mixed educational backgrounds were recruited to perform an email sorting task. Participants were instructed to move emails into a suspicious or legitimate folder. Phishing emails varied by three different phishing tells: sender’s email address, link or attachment payload, and message composition. Each participant completed three rounds of the sorting task in one session. In the second round, the phishing tell with which the participant struggled the most in the first round was modified to make it easier to recognize. Moreover, one group of participants was offered a financial reward if their classification accuracy reached 80% or better. Participants’ classification accuracy and task completion time were analyzed, and a few interesting findings are presented. This paper discusses the complexity of conducting such a user study and describes the research experience that the team had.
Recommended Citation
Muthal, Supriya; Li, Sen; Huang, Yuan; Li, Xiangyang; Dahbura, Anton; Bos, Nathan; and Molinaro, Kylie, "A Phishing Study of User Behavior with Incentive and Informed Intervention" (2017). National Cyber Summit. 11.
https://louis.uah.edu/cyber-summit/ncs2017/ncs2017papers/11