Dealing with phishing emails: Effects of response inhibition on email decision-making

Channa-Blue Scott. 2016

Abstract

This experiment aimed to investigate the effects of response inhibition on email decision-making. Current perspectives suggest email decision-making operates via a similar framework to gambling decisions in encapsulating decisions in terms of low and high risk, particularly with regards to the phishing emails on which this study focuses. Previous research showed a stop-signal training task had an inhibitory effect on later performance in a gambling task, causing participants to make lower-risk betting decisions (Verbruggen, Adams, & Chambers, 2012). Speeded responses have been shown to lead to more errors in email decision-making, quantified as failure to identify phishing emails. Two forms of response inhibition were administered to assess these effects on email decision-making: stop-signal training and forced response delay. Research predicted both singular and combined effects of these interventions on email decision-making. 20 students participated in a three-phase experiment constituting two email decision tasks with an intermediate stop-signal training stage. Responses were scored for legitimate and phishing emails based on low to high risk. Primary analysis concerned phishing scores as most relevant to assessment of risky decisions. A mixed-factor ANOVA found no effect of forced response delay on email decision-making. No combined effect of stop-signal training and forced response delay on phishing scores was observed. Independent samples t-test analysis revealed a significant effect of stop-signal training on phishing scores, with participants who had undergone stop-signal training making lower-risk decisions than those who had not. This mirrored results of Verbruggen et al. (2012) in successfully generalising cautious responding to later task performance.