Article Review #2: Unraveling Phishing Susceptibility: Behavioral Insights and Cybersecurity Implications
Michael Amoah
Department of Cybersecurity, Old Dominion University
Cybersecurity and the Social Sciences 201S
Diwakar Yalpi
November 17, 2024
Relation to Social Science Principles
Principles of social science, such as those of cognitive and social behavior, have consequences for cybersecurity vulnerabilities and can be used to research human factors in phishing. The paper under review examines phishing, a social engineering technique based on human vulnerability to trust, obedience to authority, and gullibility toward fraud.
Research Questions or Hypotheses
The study tested three hypotheses:
Susceptibility to phishing emails is influenced by the scam type in the email.
The more an email is adapted for personalization, the higher the susceptibility.
The greater the use of influence techniques, such as authority and scarcity, the greater the susceptibility.
Research Methods
The authors conducted a repeated measures field experiment:
Phishing emails were simulated and sent to 102 participants from Swedish organizations.
To tease apart the effects of scam type, personalization, and influence techniques, a multilevel model was used.
Randomization was used to vary both email features and delivery timing.
Data and Analysis
Data: 2,294 emails were classified by scam type, personalization level, and influence technique.
Analysis: Logistic regression models tested the chances of participants clicking on phishing links or executing malicious code. The models accounted for 6% of the variance in susceptibility to clicking on a link and 3% in executing code. Influence techniques did not have a significant effect, contrary to the hypothesis.
Relation to Presentation Concepts
The study intersects with the main principles of social engineering and human error in cybersecurity, which are often discussed within the social sciences and behavioral psychology. Among these concepts, susceptibility to persuasion (that is, Cialdini’s principles) and decision-making under uncertainty are central.
Relation to Marginalized Groups
Although the study did not explicitly target the very large groups of marginalized people, its findings point to inequality in cybersecurity education and awareness, which is seriously lacking in today’s society. Such marginalized communities might show greater vulnerability due to systemic inequalities in their digital literacy and resources.
Overall Contributions to Society
This research underlines the complexity of phishing susceptibility: receiving an email does not effectively predict victimization. The findings support the need for larger adjustments:
Training should focus more on phishing scam awareness than on personalization and influence techniques.
Ways to improve cybersecurity training and defenses for businesses and personnel should be developed.
Conclusion
This study furthers our current understanding of phishing attacks by challenging assumptions about the effectiveness of personalization and influence techniques. Its findings support better-targeted cybersecurity policies and education initiatives.
References
Sommestad, T., & Karlzén, H. (2024). The unpredictability of phishing susceptibility: Results from a repeated measures experiment. Journal of Cybersecurity, 10(1). https://doi.org/10.1093/cybsec/tyae021