The effects of cue utilization and cognitive load in the detection of phishing emails

George Nasser, Ben W. Morrison*, Piers Bayl-Smith, Ronnie Taib, Michael Gayed, Mark W. Wiggins

*Corresponding author for this work

    Research output: Chapter in Book/Report/Conference proceedingConference proceeding contributionpeer-review

    2 Citations (Scopus)

    Abstract

    Phishing emails represent a major threat to online information security. While the prevailing research is focused on users’ susceptibility, few studies have considered the decision making strategies that account for skilled detection. One relevant facet of decision making is cue utilization, where users retrieve feature-event associations stored in long-term memory. High degrees of cue utilization help reduce the demands placed on working memory (i.e., cognitive load), and invariably improve decision performance (i.e., the information-reduction hypothesis in expert performance). The current study explored the effect of cue utilization and cognitive load when detecting phishing emails. A total of 50 undergraduate students completed: (1) a rail control task and; (2) a phishing detection task. A cue utilization assessment battery (EXPERTise 2.0) then classified participants with either higher or lower cue utilization. As expected, higher cue utilization was associated with a greater likelihood of detecting phishing emails. However, variation in cognitive load had no effect on phishing detection, nor was there an interaction between cue utilization and cognitive load. These findings have implications for our understanding of cognitive mechanisms that underpin the detection of phishing emails and the role of factors beyond the information-reduction hypothesis.

    Original languageEnglish
    Title of host publicationFinancial Cryptography and Data Security
    Subtitle of host publicationFC 2020 International Workshops, AsiaUSEC, CoDeFi, VOTING, and WTSC, Revised Selected Papers
    EditorsMatthew Bernhard, Andrea Bracciali, L. Jean Camp, Shin’ichiro Matsuo, Alana Maurushat, Peter B. Rønne, Massimiliano Sala
    Place of PublicationSwitzerland
    PublisherSpringer
    Pages47-55
    Number of pages9
    ISBN (Electronic)9783030544553
    ISBN (Print)9783030544546
    DOIs
    Publication statusPublished - 2020
    Event1st Asian Workshop on Usable Security, AsiaUSEC 2020, the 1st Workshop on Coordination of Decentralized Finance, CoDeFi 2020, the 5th Workshop on Advances in Secure Electronic Voting, VOTING 2020, and the 4th Workshop on Trusted Smart Contracts, WTSC 2020, held at the 24th International Conference on Financial Cryptography and Data Security, FC 2020 - Kota Kinabalu, Malaysia
    Duration: 14 Feb 202014 Feb 2020

    Publication series

    NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
    Volume12063
    ISSN (Print)0302-9743
    ISSN (Electronic)1611-3349

    Conference

    Conference1st Asian Workshop on Usable Security, AsiaUSEC 2020, the 1st Workshop on Coordination of Decentralized Finance, CoDeFi 2020, the 5th Workshop on Advances in Secure Electronic Voting, VOTING 2020, and the 4th Workshop on Trusted Smart Contracts, WTSC 2020, held at the 24th International Conference on Financial Cryptography and Data Security, FC 2020
    Country/TerritoryMalaysia
    CityKota Kinabalu
    Period14/02/2014/02/20

    Keywords

    • phishing emails
    • cue utilization
    • decision making
    • cognitive load

    Fingerprint

    Dive into the research topics of 'The effects of cue utilization and cognitive load in the detection of phishing emails'. Together they form a unique fingerprint.

    Cite this