Enabling Protection Motivation in Heuristic-Systematic Defense against Email Phishing • Weiai Wayne Xu, PhD Candidate, Department of Communication, SUNY- Buffalo • Arun Vishwanath, PhD, Associate Professor, Department of Communication, SUNY-Buffalo • Zhi Yang (Zed) Ngoh, Department of Communication, SUNY-Buffalo
9
Embed
How Do We Fight Email Phishing? (ICA2015 - San Juan, PR)
This document is posted to help you gain knowledge. Please leave a comment to let me know what you think about it! Share it to your friends and learn new things together.
Transcript
Enabling Protection Motivation in Heuristic-Systematic Defense against Email Phishing
• Weiai Wayne Xu, PhD Candidate, Department of Communication, SUNY- Buffalo• Arun Vishwanath, PhD, Associate Professor, Department of Communication, SUNY-Buffalo• Zhi Yang (Zed) Ngoh, Department of Communication, SUNY-Buffalo
2014: The year of cybersecurity
We are the moles!
What we know so far…
Based on heuristic-systematic processing model (HSM) (Chen & Chaiken, 1999)
Heuristic processing: bypass in-depth thinking and instead rely on heuristics, rules of thumbs, past experience, and instincts (for efficiency)
Systematic processing: scrutinize all elements and aspects of information presented (for accuracy)
Based on protection motivation theory (PMT) (Rogers,1975)
Severity
Vulnerability
Response efficacy
Self-efficacy
Protection enactment
What we know so far…
The integrated model
• 288 students• A simulated phishing email disguised to originate
from the university’s student ID card office. • The phishing email requested the participants to
provide personal information to update their credit card information
The experiment
The results
Theoretical implication: • It is one of the few studies that applies the PMT framework to an
email phishing context• The incorporation of both PMT and HSM
Practical insights: • Fear drives protection and more mindful internet behavior• Skills/knowledge (self-efficacy) matters