Anatomy of Phishing Tactics and Susceptibility

Bera, Debalina, Gene Moo Lee, Dan J. Kim “Anatomy of Phishing Tactics and Susceptibility: An Investigation of the Dynamics of Phishing Tactics and Contextual Traits in Susceptibility,” Working Paper.

Phishing is a deceptive tactic to create a front of apparent credibility to fraudulently acquire sensitive personal or financial information from an unsuspecting user or espionage system by infiltrating malware or crimeware. Despite automated technological solutions and training interventions, recent phishing statistics show that specifically few phishing tactics are increasing users’ phishing susceptibility (PS). Further, assessing the moderating role of phishing contextual traits in the relationship between phishing tactics and PS indicates the importance of their trait differences. Based on theoretical postulation, employing a sequential mixed method design, and using two sets of data (simulated phishing penetration testing results and scenario-based experiments), we examine the effect of phishing tactics along with the moderating role of individual phishing contextual traits on PS. This study extends the theoretical boundary relevant to phishing tactics and provides practical guidance to identify the most dangerous phishing tactics that increase PS and phishing contextual traits that help to combat phishing attacks.