Forum for Science, Industry and Business

Sponsored by:     3M 
Search our Site:

 

Off the Hook! Who Gets Phished and Why

07.04.2011
Researchers tell us and offer suggestions about how to stay out of harm's way

Communication researchers at four major universities have found that if you receive a lot of email, habitually respond to a good portion of it, maintain a lot of online relationships and conduct a large number of transactions online, you are more susceptible to email phishing expeditions than those who limit their online activity.

The study, "Why Do People Get Phished?" forthcoming in the journal, "Decision Support Systems and Electronic Commerce," uses an integrated information processing model to test individual differences in vulnerability to phishing.

The study is particularly pertinent, given the rash of phishing expeditions that have become public of late, the most recent involving the online marketing firm Epsilon, whose database was breached last week by hackers, potentially affecting millions of banking and retail customers.

The authors are Arun "Vish" Vishwanath, PhD, associate professor in the UB Department of Communication, College of Arts and Sciences, and an expert in consumer behavior, specifically the diffusion and acceptance of information technology; H. Raghav Rao, PhD, SUNY Distinguished Service Professor in the UB Department of Management Science and Systems, School of Management, who conducts research on decision support systems, e-business, emergency response management systems and information assurance; Tejaswini Herath, PhD, Brock University (Ont., CA); Rui Chen, PhD, Ball State University, and Jingguo Wang, PhD, University of Texas, Arlington. Herath, Chen and Wang all earned degrees from UB.

Email "phishing" is a process that employs such techniques as using the names of credible businesses (American Express, eBay), government institutions (Internal Revenue Service, Department of Motor Vehicles), or current events (political donations, Beijing Olympic tickets, aiding Katrina victims) in conjunction with statements invoking fear, threat, excitement, or urgency, to persuade people to respond with personal and sensitive information like usernames, passwords and credit card details.

Phishing exploits what are generally accepted to be the poor current web security technologies, but Vishwanath says, "By way of prevention, we found that spam blockers are imperative to reduce the number of unnecessary emails individuals receive that could potentially clutter their information processing and judgment.

"At the other end," he says, "individuals need to be extra careful when utilizing a single email account to respond to all their emails. An effective strategy is to use different email accounts for different purposes. If one email address is used solely for banking and another is used solely for personal communication with family and friends, it will increase your attention to the details of the email and reduce the likelihood of chance deception because of clutter."

Vishwanath also advocates setting aside time to focus and respond to personal emails separately from work-related emails. For instance, setting aside a time each day for responding to personal banking emails gives you time to process them more clearly and consider their legitimacy before responding.

The integrated information processing model of phishing susceptibility presented in this study is grounded in prior research in information processing and interpersonal deception.

"We refined and validated our model using a sample of intended victims of an actual phishing attack," Vishwanath says.

Overall, their model explains close to fifty percent of the variance in individual phishing susceptibility.

"Our results indicate that people process most phishing emails peripherally and make decisions based on simple cues embedded in the email. Interestingly, urgency cues, i.e., threats and warnings, in the email stimulated increased information processing, short-circuiting the resources available for attending to other cues that could potentially help detect the deception.

"Our findings suggest that habitual patterns of media use combined with high levels of email load have a strong and significant influence on individuals' likelihood to be phished."

The study also showed that a person's competency with computing did not protect them from phishing scams, but their awareness about phishing in conjunction with healthy email habits, helped them avoid online deception.

Herath, who holds a PhD from UB, is an assistant professor in the Faculty of Business at Brock University. Chen, who holds a bachelor's and master's degree in computer science and a PhD in management science and systems from UB, is an assistant professor of information systems at Ball State. Wang, who holds a master's degree in industrial engineering and a PhD in management science and systems from UB, is an assistant professor of information systems and operations management, University of Texas, Arlington.

The University at Buffalo is a premier research-intensive public university, a flagship institution in the State University of New York system and its largest and most comprehensive campus. UB's more than 28,000 students pursue their academic interests through more than 300 undergraduate, graduate and professional degree programs. Founded in 1846, the University at Buffalo is a member of the Association of American Universities.

Patricia Donovan | EurekAlert!
Further information:
http://www.buffalo.edu

More articles from Information Technology:

nachricht New software speeds origami structure designs
12.10.2017 | Georgia Institute of Technology

nachricht Seeing the next dimension of computer chips
11.10.2017 | Osaka University

All articles from Information Technology >>>

The most recent press releases about innovation >>>

Die letzten 5 Focus-News des innovations-reports im Überblick:

Im Focus: Neutron star merger directly observed for the first time

University of Maryland researchers contribute to historic detection of gravitational waves and light created by event

On August 17, 2017, at 12:41:04 UTC, scientists made the first direct observation of a merger between two neutron stars--the dense, collapsed cores that remain...

Im Focus: Breaking: the first light from two neutron stars merging

Seven new papers describe the first-ever detection of light from a gravitational wave source. The event, caused by two neutron stars colliding and merging together, was dubbed GW170817 because it sent ripples through space-time that reached Earth on 2017 August 17. Around the world, hundreds of excited astronomers mobilized quickly and were able to observe the event using numerous telescopes, providing a wealth of new data.

Previous detections of gravitational waves have all involved the merger of two black holes, a feat that won the 2017 Nobel Prize in Physics earlier this month....

Im Focus: Smart sensors for efficient processes

Material defects in end products can quickly result in failures in many areas of industry, and have a massive impact on the safe use of their products. This is why, in the field of quality assurance, intelligent, nondestructive sensor systems play a key role. They allow testing components and parts in a rapid and cost-efficient manner without destroying the actual product or changing its surface. Experts from the Fraunhofer IZFP in Saarbrücken will be presenting two exhibits at the Blechexpo in Stuttgart from 7–10 November 2017 that allow fast, reliable, and automated characterization of materials and detection of defects (Hall 5, Booth 5306).

When quality testing uses time-consuming destructive test methods, it can result in enormous costs due to damaging or destroying the products. And given that...

Im Focus: Cold molecules on collision course

Using a new cooling technique MPQ scientists succeed at observing collisions in a dense beam of cold and slow dipolar molecules.

How do chemical reactions proceed at extremely low temperatures? The answer requires the investigation of molecular samples that are cold, dense, and slow at...

Im Focus: Shrinking the proton again!

Scientists from the Max Planck Institute of Quantum Optics, using high precision laser spectroscopy of atomic hydrogen, confirm the surprisingly small value of the proton radius determined from muonic hydrogen.

It was one of the breakthroughs of the year 2010: Laser spectroscopy of muonic hydrogen resulted in a value for the proton charge radius that was significantly...

All Focus news of the innovation-report >>>

Anzeige

Anzeige

Event News

ASEAN Member States discuss the future role of renewable energy

17.10.2017 | Event News

World Health Summit 2017: International experts set the course for the future of Global Health

10.10.2017 | Event News

Climate Engineering Conference 2017 Opens in Berlin

10.10.2017 | Event News

 
Latest News

Electrode materials from the microwave oven

19.10.2017 | Materials Sciences

New material for digital memories of the future

19.10.2017 | Materials Sciences

Physics boosts artificial intelligence methods

19.10.2017 | Physics and Astronomy

VideoLinks
B2B-VideoLinks
More VideoLinks >>>