User Perceptions of Phishing Consequence Severity and Likelihood, and Implications for Warning Message Design

Eleanor K. Foster, Keith S. Jones, Miriam E. Armstrong, Akbar S. Namin

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

Abstract

To combat phishing, system messages warn users of suspected phishing attacks. However, users do not always comply with warning messages. One reason for non-compliance is that warning messages contradict how users think about phishing threats. To increase compliance, warning messages should align with user perceptions of phishing threat risks. How users think about phishing threats is not yet known. To identify how users perceive phishing threats, participants were surveyed about their perceptions of the severity and likelihood of 9 phishing consequences. Results revealed perceived severity and likelihood levels for each consequence, as well as relative differences between consequences. Concrete examples of warning messages that reflect these findings are provided.

Original languageEnglish
Title of host publicationAdvances in Human Factors in Robots, Unmanned Systems and Cybersecurity - Proceedings of the AHFE 2021
EditorsMatteo Zallio, Carlos Raymundo Ibañez, Jesus Hechavarria Hernandez
PublisherSpringer Science and Business Media Deutschland GmbH
Pages265-273
Number of pages9
ISBN (Print)9783030799960
DOIs
StatePublished - 2021
EventAHFE Conference on Human Factors in Robots, Drones and Unmanned Systems, and AHFE Conference on Human Factors in Cybersecurity, 2021 - Virtual, Online
Duration: Jul 25 2021Jul 29 2021

Publication series

NameLecture Notes in Networks and Systems
Volume268
ISSN (Print)2367-3370
ISSN (Electronic)2367-3389

Conference

ConferenceAHFE Conference on Human Factors in Robots, Drones and Unmanned Systems, and AHFE Conference on Human Factors in Cybersecurity, 2021
CityVirtual, Online
Period07/25/2107/29/21

Keywords

  • Consequence
  • Cybersecurity
  • Human factors
  • Likelihood
  • Message
  • Phishing
  • Risk
  • Severity
  • Social engineering
  • Warning

Fingerprint

Dive into the research topics of 'User Perceptions of Phishing Consequence Severity and Likelihood, and Implications for Warning Message Design'. Together they form a unique fingerprint.

Cite this