EconPapers    
Economics at your fingertips  

EconPapers Home
About EconPapers

Working Papers
Journal Articles
Books and Chapters
Software Components

Authors

JEL codes
New Economics Papers

Advanced Search


EconPapers FAQ
Archive maintainers FAQ
Cookies at EconPapers

Format for printing

The RePEc blog
The RePEc plagiarism page

 

Research Note ---Influence Techniques in Phishing Attacks: An Examination of Vulnerability and Resistance

Ryan T. Wright (), Matthew L. Jensen (), Jason Bennett Thatcher (), Michael Dinger () and Kent Marett ()
Additional contact information
Ryan T. Wright: Isenberg School of Management, University of Massachusetts, Amherst, Massachusetts 01003
Matthew L. Jensen: Division of MIS, Center for Applied Social Research, University of Oklahoma, Norman, Oklahoma 73019
Jason Bennett Thatcher: Social Analytics Institute, Department of Management, Clemson University, Clemson, South Carolina 29634
Michael Dinger: Johnson College of Business and Economics, University of South Carolina Upstate, Spartanburg, South Carolina 29306
Kent Marett: Department of Management and Information Systems, College of Business, Mississippi State University, Mississippi State, Mississippi 39762

Information Systems Research, 2014, vol. 25, issue 2, 385-400

Abstract: Phishing is a major threat to individuals and organizations. Along with billions of dollars lost annually, phishing attacks have led to significant data breaches, loss of corporate secrets, and espionage. Despite the significant threat, potential phishing targets have little theoretical or practical guidance on which phishing tactics are most dangerous and require heightened caution. The current study extends persuasion and motivation theory to postulate why certain influence techniques are especially dangerous when used in phishing attacks. We evaluated our hypotheses using a large field experiment that involved sending phishing messages to more than 2,600 participants. Results indicated a disparity in levels of danger presented by different influence techniques used in phishing attacks. Specifically, participants were less vulnerable to phishing influence techniques that relied on fictitious prior shared experience and were more vulnerable to techniques offering a high level of self-determination. By extending persuasion and motivation theory to explain the relative efficacy of phishers' influence techniques, this work clarifies significant vulnerabilities and lays the foundation for individuals and organizations to combat phishing through awareness and training efforts.

Keywords: phishing; persuasion theory; influence techniques; motivation theory; self-determination; perceived locus of causality; social engineering; online deception; mediated deception; deception; field experiments (search for similar items in EconPapers)
Date: 2014
References: View references in EconPapers View complete reference list from CitEc
Citations: View citations in EconPapers (5)

Downloads: (external link)
http://dx.doi.org/10.1287/isre.2014.0522 (application/pdf)

Related works:
This item may be available elsewhere in EconPapers: Search for items with the same title.

Export reference: BibTeX RIS (EndNote, ProCite, RefMan) HTML/Text

Persistent link: https://EconPapers.repec.org/RePEc:inm:orisre:v:25:y:2014:i:2:p:385-400

Access Statistics for this article

More articles in Information Systems Research from INFORMS Contact information at EDIRC.
Bibliographic data for series maintained by Chris Asher ().

 
Share

RePEc
This site is part of RePEc and all the data displayed here is part of the RePEc data set.

Is your work missing from RePEc? Here is how to contribute.

Questions or problems? Check the EconPapers FAQ or send mail to .

Örebro UniversityEconPapers is hosted by the School of Business at Örebro University.

Page updated 2025-03-19
Handle: RePEc:inm:orisre:v:25:y:2014:i:2:p:385-400