The effects of cue utilization and cognitive load in the detection of phishing emails

George Nasser, Ben W. Morrison*, Piers Bayl-Smith, Ronnie Taib, Michael Gayed, Mark W. Wiggins

*Corresponding author for this work

Research output: Chapter in Book/Report/Conference proceedingConference proceeding contribution

Abstract

Phishing emails represent a major threat to online information security. While the prevailing research is focused on users’ susceptibility, few studies have considered the decision making strategies that account for skilled detection. One relevant facet of decision making is cue utilization, where users retrieve feature-event associations stored in long-term memory. High degrees of cue utilization help reduce the demands placed on working memory (i.e., cognitive load), and invariably improve decision performance (i.e., the information-reduction hypothesis in expert performance). The current study explored the effect of cue utilization and cognitive load when detecting phishing emails. A total of 50 undergraduate students completed: (1) a rail control task and; (2) a phishing detection task. A cue utilization assessment battery (EXPERTise 2.0) then classified participants with either higher or lower cue utilization. As expected, higher cue utilization was associated with a greater likelihood of detecting phishing emails. However, variation in cognitive load had no effect on phishing detection, nor was there an interaction between cue utilization and cognitive load. These findings have implications for our understanding of cognitive mechanisms that underpin the detection of phishing emails and the role of factors beyond the information-reduction hypothesis.

Original languageEnglish
Title of host publicationFinancial Cryptography and Data Security
Subtitle of host publicationFC 2020 International Workshops, AsiaUSEC, CoDeFi, VOTING, and WTSC, Revised Selected Papers
EditorsMatthew Bernhard, Andrea Bracciali, L. Jean Camp, Shin’ichiro Matsuo, Alana Maurushat, Peter B. Rønne, Massimiliano Sala
Place of PublicationSwitzerland
PublisherSpringer
Pages47-55
Number of pages9
ISBN (Electronic)9783030544553
ISBN (Print)9783030544546
DOIs
Publication statusPublished - 2020
Event1st Asian Workshop on Usable Security, AsiaUSEC 2020, the 1st Workshop on Coordination of Decentralized Finance, CoDeFi 2020, the 5th Workshop on Advances in Secure Electronic Voting, VOTING 2020, and the 4th Workshop on Trusted Smart Contracts, WTSC 2020, held at the 24th International Conference on Financial Cryptography and Data Security, FC 2020 - Kota Kinabalu, Malaysia
Duration: 14 Feb 202014 Feb 2020

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume12063
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349

Conference

Conference1st Asian Workshop on Usable Security, AsiaUSEC 2020, the 1st Workshop on Coordination of Decentralized Finance, CoDeFi 2020, the 5th Workshop on Advances in Secure Electronic Voting, VOTING 2020, and the 4th Workshop on Trusted Smart Contracts, WTSC 2020, held at the 24th International Conference on Financial Cryptography and Data Security, FC 2020
CountryMalaysia
CityKota Kinabalu
Period14/02/2014/02/20

Keywords

  • phishing emails
  • cue utilization
  • decision making
  • cognitive load

Fingerprint Dive into the research topics of 'The effects of cue utilization and cognitive load in the detection of phishing emails'. Together they form a unique fingerprint.

Cite this