The Psychology of Phish

The Psychology of Phish: The Role of “Authenticity Markers” And Intuitive and Rational Decision-Making Regarding Phishing Scams.

Thomas A. Lee. 2014.

The present study aimed to determine whether people could use content-based features to detect phishing scams. To do this, participants were presented with 16 emails, 8 of which were real and 8 of which were specially constructed phishing scams. These scams had one of a possible four essential security indicators, termed “authenticity markers” (presence of logo, spelling accuracy, font accuracy and suspiciousness of URLs), manipulated to observe how participants responded to them. An additional manipulation was the strategy of decision-making employed, either rational or intuitive. Results revealed that although rational decision-making led to higher overall accuracy, intuitive decision-making was actually more effective for dealing with phishing scams. The type of authenticity marker manipulation had a significant effect on the accuracy of responses, with logo and font manipulations being the least well detected. The implications of these results for internet safety are discussed.