Abstract:
This study investigated the roles of phishing knowledge, cue utilization, and decision styles in contributing to phishing email detection. Participants (N = 145) completed an online email sorting task, and measures of phishing knowledge, email decision styles, cue utilization, and email security awareness. Cue utilization was the only factor that uniquely predicted the capacity to discriminate phishing from genuine emails. Phishing knowledge was associated with greater phishing detection and a bias towards classifying all emails as phishing. A preference for intuitive decision making predicted lower detection of phishing emails, driven by a greater tendency to classify emails as genuine. These findings support the proposition that cue utilization is a distinct cognitive process that enables expert performance. The outcomes indicate that, in addition to increasing phishing knowledge and developing safe behavioral patterns, anti-phishing training needs to provide opportunities for trainees to develop meaningful cue associations.
摘要:
本研究调查了网络钓鱼知识的作用,提示利用率,和决策风格有助于网络钓鱼电子邮件检测。参与者(N=145)完成了在线电子邮件分类任务,以及网络钓鱼知识的衡量标准,电子邮件决策风格,提示利用率,电子邮件安全意识。线索利用率是唯一预测将网络钓鱼与真实电子邮件区分开的能力的唯一因素。网络钓鱼知识与更大的网络钓鱼检测以及将所有电子邮件分类为网络钓鱼的偏见相关联。对直观决策的偏好预测了对网络钓鱼电子邮件的较低检测,受到将电子邮件分类为真实电子邮件的更大趋势的驱动。这些发现支持这样的主张,即线索利用是一个独特的认知过程,可以实现专家的表现。结果表明,除了增加网络钓鱼知识和发展安全的行为模式,反网络钓鱼培训需要为学员提供发展有意义的线索协会的机会。
