The Psychology of Phishing: Why Users Fall Victim to Deceptive Emails


Authors : Freyha A. Bahari; Tadzmera A. Daud; Mhesi D. Arabbi; Noralyn I. Jalah; Nuralyn O. Adjid; Fatmahal Abah; Sitti Aiman A. Amiddin; Ayang A. Ibno; Alsanoh S. Abduhail; Masukud Ajijul; Riza M. Sali; Shernahar K. Tahil

Volume/Issue : Volume 9 - 2024, Issue 12 - December

Google Scholar : https://tinyurl.com/4x9tj3jm

Scribd : https://tinyurl.com/3zj2z4mr

DOI : https://doi.org/10.5281/zenodo.14610632

Abstract : Phishing emails are a type of social engineering attack and are currently among the most widespread cybersecurity threats because of their impact on human psychology. These attacks aim to obtain sensitive information from the user, such as passwords, banking details, or personal information. This research aims to identify the psychological factors that make users vulnerable to phishing, including manipulation of trust and credibility, cognitive biases and heuristics, emotional triggers, social proof, and scarcity. By evaluating these factors, this paper offers information on how phishing schemes exploit authority, self-control bias, and scarcity. Based on the findings of the present research, the paper addresses increasing user awareness and developing tools to prepare individuals to withstand phishing attacks. This study contributes to the understanding of how and why phishing occurs and offers suggestions for addressing the problem.

Keywords : Susceptibility, Psychological Vulnerabilities, Phishing, Heuristics.
