Abstract | ||
---|---|---|
Purpose - The purpose of this study is to explore how the opening phrase of a phishing email influences the action taken by the recipient.Design/methodology/approach - Two types of phishing emails were sent to 593 employees, who were asked to provide personally identifiable information (PII). A personalised spear phishing email opening was randomly used in half of the emails.Findings - Nineteen per cent of the employees provided their PII in a general phishing email, compared to 29 per cent in the spear phishing condition. Employees having a high power distance cultural background were more likely to provide their PII, compared to those with a low one. There was no effect of age on providing the PII requested when the recipient's years of service within the organisation is taken into account.Practical implications - This research shows that success is higher when the opening sentence of a phishing email is personalised. The resulting model explains victimisation by phishing emails well, and it would allow practitioners to focus awareness campaigns to maximise their effect.Originality/value - The innovative aspect relates to explaining spear phishing using four sociodemographic variables. |
Year | DOI | Venue |
---|---|---|
2017 | 10.1108/ICS-03-2017-0009 | INFORMATION AND COMPUTER SECURITY |
Keywords | DocType | Volume |
Gender, Culture, Age, Spear phishing, Years of service | Journal | 25 |
Issue | ISSN | Citations |
5 | 2056-4961 | 0 |
PageRank | References | Authors |
0.34 | 0 | 4 |
Name | Order | Citations | PageRank |
---|---|---|---|
Jan-Willem Bullee | 1 | 4 | 1.42 |
Lorena Montoya | 2 | 19 | 5.24 |
Marianne Junger | 3 | 14 | 5.58 |
Pieter H. Hartel | 4 | 0 | 1.01 |