Clemson University, South Carolina, USA.
University of Central Florida, USA.
Hum Factors. 2022 Dec;64(8):1379-1403. doi: 10.1177/0018720821999174. Epub 2021 Apr 9.
The present studies examine how task factors (e.g., email load, phishing prevalence) influence email performance.
Phishing emails are a paramount cybersecurity threat for the modern email user. Research attempting to understand how users are susceptible to phishing attacks has been limited and has not fully explored how task factors (e.g., prevalence, email load) influence accurate detection.
In three experiments, participants classified emails as either legitimate or not legitimate and reported on a variety of other categorizations. The first two experiments examined how email load and phishing prevalence influence phishing detection independently. The third experiment examined the interaction of these two factors to determine whether they have compounding effects. All three experiments utilized individual difference variables to examine how cognitive, behavioral, and personality factors may influence classifications.
Experiment 1 suggests that high email load can make the task appear more challenging. Experiment 2 indicates that low phishing prevalence can decrease sensitivity for phishing emails. Experiment 3 demonstrates that high levels of email load can decrease classification accuracy under 50/50 prevalence rates. Notably, performance was poor across all experiments, with phishing detection near chance levels and low discriminability for emails. Participants demonstrated poor metacognition with overconfidence, low self-reported difficulty, and low perceived threat for the emails.
Overall, the present studies suggest that high email load and low phishing prevalence can influence email classifications.
Organizations and researchers should consider the influences of both email load and phishing prevalence when implementing phishing interventions.