Updated 26 July 2013

Phishing-victim? Blame your personality

People with certain personality traits are more likely to fall prey to phishing e-mails, researchers have found.

 The author of a paper to be presented at the upcoming 2013 International Human Factors and Ergonomics Society Annual Meeting has described behavioural, cognitive, and perceptual attributes of e-mail users who are vulnerable to phishing attacks. Phishing is the use of fraudulent e-mail correspondence to obtain passwords and credit card information, or to send viruses.

In "Keeping Up With the Joneses: Assessing Phishing Susceptibility in an E-mail Task," Kyung Wha Hong discovered that people who were overconfident, introverted, or women were less able to accurately distinguish between legitimate and phishing e-mails.

She had participants complete a personality survey and then asked them to scan through both legitimate and phishing e-mails and either delete suspicious or spam e-mails, leave legitimate e-mails as is, or mark e-mails that required actions or responses as "important”.

What the study found

"The results showed a disconnect between confidence and actual skill, as the majority of participants were not only susceptible to attacks but also overconfident in their ability to protect themselves," says Hong. Although 89% of the participants indicated they were confident in their ability to identify malicious e-mails, 92% of them misclassified phishing e-mails.

Almost 52% in the study misclassified more than half the phishing e-mails, and 54% deleted at least one authentic e-mail.

Gender, trust, and personality were correlated with phishing vulnerability. Women were less likely than men to correctly label phishing e-mails, and subjects who self-reported as "less trusting, introverts, or less open to new experiences" were more likely to delete legitimate e-mails.

Hong will continue to develop a user profile that can predict when and with whom phishing attacks are likely to be successful. Information gained in these studies will be used to design effective tools to prevent and combat phishing attacks.





Get a quote


Read Health24’s Comments Policy

Comment on this story
1 comment
Comments have been closed for this article.

Live healthier

Up for grabs! »

To vape or not to vape? Twisp's new range of e-cigs Discover your Twisp

Win one of the 3 new devices from Twisp!

Now you can stand a chance of winning one of the 3 new devices, as well as flavours and accessories worth R2000 each!

Love your heart »

SA dying of heart disease Natural trans fats good for heart Heart probs and sex life

How old is your heart? Take this test

What's your heart age? Use the calculator to see the real age of your heart. Post your results in the comments!