Forum for Science, Industry and Business

Sponsored by:     3M 
Search our Site:

 

Off the Hook! Who Gets Phished and Why

07.04.2011
Researchers tell us and offer suggestions about how to stay out of harm's way

Communication researchers at four major universities have found that if you receive a lot of email, habitually respond to a good portion of it, maintain a lot of online relationships and conduct a large number of transactions online, you are more susceptible to email phishing expeditions than those who limit their online activity.

The study, "Why Do People Get Phished?" forthcoming in the journal, "Decision Support Systems and Electronic Commerce," uses an integrated information processing model to test individual differences in vulnerability to phishing.

The study is particularly pertinent, given the rash of phishing expeditions that have become public of late, the most recent involving the online marketing firm Epsilon, whose database was breached last week by hackers, potentially affecting millions of banking and retail customers.

The authors are Arun "Vish" Vishwanath, PhD, associate professor in the UB Department of Communication, College of Arts and Sciences, and an expert in consumer behavior, specifically the diffusion and acceptance of information technology; H. Raghav Rao, PhD, SUNY Distinguished Service Professor in the UB Department of Management Science and Systems, School of Management, who conducts research on decision support systems, e-business, emergency response management systems and information assurance; Tejaswini Herath, PhD, Brock University (Ont., CA); Rui Chen, PhD, Ball State University, and Jingguo Wang, PhD, University of Texas, Arlington. Herath, Chen and Wang all earned degrees from UB.

Email "phishing" is a process that employs such techniques as using the names of credible businesses (American Express, eBay), government institutions (Internal Revenue Service, Department of Motor Vehicles), or current events (political donations, Beijing Olympic tickets, aiding Katrina victims) in conjunction with statements invoking fear, threat, excitement, or urgency, to persuade people to respond with personal and sensitive information like usernames, passwords and credit card details.

Phishing exploits what are generally accepted to be the poor current web security technologies, but Vishwanath says, "By way of prevention, we found that spam blockers are imperative to reduce the number of unnecessary emails individuals receive that could potentially clutter their information processing and judgment.

"At the other end," he says, "individuals need to be extra careful when utilizing a single email account to respond to all their emails. An effective strategy is to use different email accounts for different purposes. If one email address is used solely for banking and another is used solely for personal communication with family and friends, it will increase your attention to the details of the email and reduce the likelihood of chance deception because of clutter."

Vishwanath also advocates setting aside time to focus and respond to personal emails separately from work-related emails. For instance, setting aside a time each day for responding to personal banking emails gives you time to process them more clearly and consider their legitimacy before responding.

The integrated information processing model of phishing susceptibility presented in this study is grounded in prior research in information processing and interpersonal deception.

"We refined and validated our model using a sample of intended victims of an actual phishing attack," Vishwanath says.

Overall, their model explains close to fifty percent of the variance in individual phishing susceptibility.

"Our results indicate that people process most phishing emails peripherally and make decisions based on simple cues embedded in the email. Interestingly, urgency cues, i.e., threats and warnings, in the email stimulated increased information processing, short-circuiting the resources available for attending to other cues that could potentially help detect the deception.

"Our findings suggest that habitual patterns of media use combined with high levels of email load have a strong and significant influence on individuals' likelihood to be phished."

The study also showed that a person's competency with computing did not protect them from phishing scams, but their awareness about phishing in conjunction with healthy email habits, helped them avoid online deception.

Herath, who holds a PhD from UB, is an assistant professor in the Faculty of Business at Brock University. Chen, who holds a bachelor's and master's degree in computer science and a PhD in management science and systems from UB, is an assistant professor of information systems at Ball State. Wang, who holds a master's degree in industrial engineering and a PhD in management science and systems from UB, is an assistant professor of information systems and operations management, University of Texas, Arlington.

The University at Buffalo is a premier research-intensive public university, a flagship institution in the State University of New York system and its largest and most comprehensive campus. UB's more than 28,000 students pursue their academic interests through more than 300 undergraduate, graduate and professional degree programs. Founded in 1846, the University at Buffalo is a member of the Association of American Universities.

Patricia Donovan | EurekAlert!
Further information:
http://www.buffalo.edu

More articles from Information Technology:

nachricht New epidemic management system combats monkeypox outbreak in Nigeria
15.12.2017 | Helmholtz-Zentrum für Infektionsforschung

nachricht Gecko adhesion technology moves closer to industrial uses
13.12.2017 | Georgia Institute of Technology

All articles from Information Technology >>>

The most recent press releases about innovation >>>

Die letzten 5 Focus-News des innovations-reports im Überblick:

Im Focus: First-of-its-kind chemical oscillator offers new level of molecular control

DNA molecules that follow specific instructions could offer more precise molecular control of synthetic chemical systems, a discovery that opens the door for engineers to create molecular machines with new and complex behaviors.

Researchers have created chemical amplifiers and a chemical oscillator using a systematic method that has the potential to embed sophisticated circuit...

Im Focus: Long-lived storage of a photonic qubit for worldwide teleportation

MPQ scientists achieve long storage times for photonic quantum bits which break the lower bound for direct teleportation in a global quantum network.

Concerning the development of quantum memories for the realization of global quantum networks, scientists of the Quantum Dynamics Division led by Professor...

Im Focus: Electromagnetic water cloak eliminates drag and wake

Detailed calculations show water cloaks are feasible with today's technology

Researchers have developed a water cloaking concept based on electromagnetic forces that could eliminate an object's wake, greatly reducing its drag while...

Im Focus: Scientists channel graphene to understand filtration and ion transport into cells

Tiny pores at a cell's entryway act as miniature bouncers, letting in some electrically charged atoms--ions--but blocking others. Operating as exquisitely sensitive filters, these "ion channels" play a critical role in biological functions such as muscle contraction and the firing of brain cells.

To rapidly transport the right ions through the cell membrane, the tiny channels rely on a complex interplay between the ions and surrounding molecules,...

Im Focus: Towards data storage at the single molecule level

The miniaturization of the current technology of storage media is hindered by fundamental limits of quantum mechanics. A new approach consists in using so-called spin-crossover molecules as the smallest possible storage unit. Similar to normal hard drives, these special molecules can save information via their magnetic state. A research team from Kiel University has now managed to successfully place a new class of spin-crossover molecules onto a surface and to improve the molecule’s storage capacity. The storage density of conventional hard drives could therefore theoretically be increased by more than one hundred fold. The study has been published in the scientific journal Nano Letters.

Over the past few years, the building blocks of storage media have gotten ever smaller. But further miniaturization of the current technology is hindered by...

All Focus news of the innovation-report >>>

Anzeige

Anzeige

Event News

See, understand and experience the work of the future

11.12.2017 | Event News

Innovative strategies to tackle parasitic worms

08.12.2017 | Event News

AKL’18: The opportunities and challenges of digitalization in the laser industry

07.12.2017 | Event News

 
Latest News

Engineers program tiny robots to move, think like insects

15.12.2017 | Power and Electrical Engineering

One in 5 materials chemistry papers may be wrong, study suggests

15.12.2017 | Materials Sciences

New antbird species discovered in Peru by LSU ornithologists

15.12.2017 | Life Sciences

VideoLinks
B2B-VideoLinks
More VideoLinks >>>