The Influence of Experiential and Dispositional Factors in Phishing: An Empirical Investigation of the Deceived

• Published in: Journal of management information systems Vol. 27; no. 1; pp. 273 - 303
• Main Authors: Wright, Ryan T., Marett, Kent
• Format: Journal Article
• Language: English
• Published: Abingdon Routledge 01.07.2010; M. E. Sharpe; Sharpe; Taylor & Francis Ltd
• Subjects: computer-mediated deception; Cybercrime; Cybersecurity; Datensicherheit; E-Mail; electronic mail fraud; Electronic mail systems; Email; Empirical research; Information and communication technologies; Information storage and retrieval systems; Information systems; Information technology; Internet; Internet fraud; Internet security; interpersonal deception theory; IT-Kriminalität; Management information systems; Personal information; Phishing; Piracy; Research design; Software; Studies; Trust; Verhalten; United States > US
• ISSN: 0742-1222; 1557-928X
• DOI: 10.2753/MIS0742-1222270111

Phishing has been a major problem for information systems managers and users for several years now. In 2008, it was estimated that phishing resulted in close to $50 billion in damages to U.S. consumers and businesses. Even so, research has yet to explore many of the reasons why Internet users continue to be exploited. The goal of this paper is to better understand the behavioral factors that may increase one's susceptibility for complying with a phisher's request for personal information. Using past research on deception detection, a research model was developed to help explain compliant phishing responses. The model was tested using a field study in which each participant received a phishing e-mail asking for sensitive information. It was found that four behavioral factors were influential as to whether the phishing e-mails were answered with sensitive information. The paper concludes by suggesting that the behavioral aspect of susceptible users be integrated into the current tools and materials used in antiphishing efforts.