Visible to the public Investigating the Effect of Phishing Believability on Phishing Reporting

TitleInvestigating the Effect of Phishing Believability on Phishing Reporting
Publication TypeConference Paper
Year of Publication2022
AuthorsKersten, Leon, Burda, Pavlo, Allodi, Luca, Zannone, Nicola
Conference Name2022 IEEE European Symposium on Security and Privacy Workshops (EuroS&PW)
Keywordscontrolled experiment, Correlation, Electronic mail, Human Behavior, Layout, Organizations, phishing, Postal services, pubcrawl, reporting
AbstractPhishing emails are becoming more and more sophisticated, making current detection techniques ineffective. The reporting of phishing emails from users is, thus, crucial for organizations to detect phishing attacks and mitigate their effect. Despite extensive research on how the believability of a phishing email affects detection rates, there is little to no research about the relationship between the believability of a phishing email and the associated reporting rate. In this work, we present a controlled experiment with 446 subjects to evaluate how the reporting rate of a phishing email is linked to its believability and detection rate. Our results show that the reporting rate decreases as the believability of the email increases and that around half of the subjects who detect the mail as phishing, have an intention to report the email. However, the group intending to report an email is not a subset of the group detecting the mail as phishing, suggesting that reporting is still a concept misunderstood by many.
NotesISSN: 2768-0657
DOI10.1109/EuroSPW55150.2022.00018
Citation Keykersten_investigating_2022