O slideshow foi denunciado.
Utilizamos seu perfil e dados de atividades no LinkedIn para personalizar e exibir anúncios mais relevantes. Altere suas preferências de anúncios quando desejar.

How Do We Fight Email Phishing? (ICA2015 - San Juan, PR)

539 visualizações

Publicada em

A research presentation made in ICA2015:

Email phishing poses a grave security threat to national governments, business operations and average Internet users. The current study presents a model of counter-phishing protective behaviour based on email users' cognitive appraisal of phishing threat and systematic/heuristic processing of email content. The model integrates the theoretical frameworks of protection motivation theory and heuristic-systematic model of information processing. Findings suggest that protective behaviour against email phishing is predicted by a high degree of perceived severity and vulnerability towards cybersecurity risks, a high level of self-efficacy in performing cybersecurity checks and efficacy in responding using cybersecurity tools. The perceived severity, along with the elevated degree of protective behaviour, predicts systematic processing of phishing emails.

Publicada em: Tecnologia
  • Seja o primeiro a comentar

  • Seja a primeira pessoa a gostar disto

How Do We Fight Email Phishing? (ICA2015 - San Juan, PR)

  1. 1. Enabling Protection Motivation in Heuristic-Systematic Defense against Email Phishing • Weiai Wayne Xu, PhD Candidate, Department of Communication, SUNY- Buffalo • Arun Vishwanath, PhD, Associate Professor, Department of Communication, SUNY-Buffalo • Zhi Yang (Zed) Ngoh, Department of Communication, SUNY-Buffalo
  2. 2. 2014: The year of cybersecurity
  3. 3. We are the moles!
  4. 4. What we know so far… Based on heuristic-systematic processing model (HSM) (Chen & Chaiken, 1999) Heuristic processing: bypass in- depth thinking and instead rely on heuristics, rules of thumbs, past experience, and instincts (for efficiency) Systematic processing: scrutinize all elements and aspects of information presented (for accuracy)
  5. 5. Based on protection motivation theory (PMT) (Rogers,1975) Severity Vulnerability Response efficacy Self-efficacy Protection enactment What we know so far…
  6. 6. The integrated model
  7. 7. • 288 students • A simulated phishing email disguised to originate from the university’s student ID card office. • The phishing email requested the participants to provide personal information to update their credit card information The experiment
  8. 8. The results
  9. 9. Theoretical implication: • It is one of the few studies that applies the PMT framework to an email phishing context • The incorporation of both PMT and HSM Practical insights: • Fear drives protection and more mindful internet behavior • Skills/knowledge (self-efficacy) matters Takeaway