University of Twente Student Theses

Login

Behavioural Measures of Phishing Susceptibility: Examining the Influence of Individual and Situational Factors on Email Management Decision-making through Eye-tracking

Rothert, J. (2023) Behavioural Measures of Phishing Susceptibility: Examining the Influence of Individual and Situational Factors on Email Management Decision-making through Eye-tracking.

[img] PDF
1MB
Abstract:Phishing attacks continue to pose a significant threat to cybersecurity, with end-users often considered the weakest link. However, it remains unclear why some end-users fall victim to these phishing scams while the large majority do not. This study aims to explore whether cognitive factors and time pressure, which have been linked to increased phishing susceptibility in prior research, affect email management decision-making. Additionally, the study uses eye-tracking technology to investigate the relationship between viewing behaviour to phishing indicators and email judgment performance. By doing so, it seeks to provide a more comprehensive understanding of why certain individuals are more susceptible. The results reveal that time constraints and cognitive tasks did not affect email legitimacy task performance. However, the eye-tracking data shows that participants exhibit the highest visual attention (measured by fixation duration, fixation count, and mean fixation duration) towards sender information in phishing emails, positively affecting email judgment. Conversely, visual attention towards threat and urgency indicators negatively impacts judgment performance, and when faced time constraints proportionately more visual attention is given to these indicators compared to not being under time pressure. Visual attention to suspicious URLs does not significantly affect email judgment performance. This study highlights the feasibility of employing eye-tracking technology to gain insights into individuals' visual processing of phishing emails, which could benefit the design of technological and human-centered interventions to mitigate phishing risks.
Item Type:Essay (Master)
Faculty:BMS: Behavioural, Management and Social Sciences
Subject:77 psychology
Programme:Psychology MSc (66604)
Link to this item:https://purl.utwente.nl/essays/95087
Export this item as:BibTeX
EndNote
HTML Citation
Reference Manager

 

Repository Staff Only: item control page