Sijie Zhuo (University of Auckland), Robert Biddle (University of Auckland and Carleton University, Ottawa), Lucas Betts, Nalin Asanka Gamagedara Arachchilage, Yun Sing Koh, Danielle Lottridge, Giovanni Russello (University of Auckland)

Phishing is when social engineering is used to deceive a person into sharing sensitive information or downloading malware. Research on phishing susceptibility has focused on personality traits, demographics, and design factors related to the presentation of phishing. There is very little research on how a person’s state of mind might impact outcomes of phishing attacks. We conducted a scenario-based in-lab experiment with 26 participants to examine whether workload affects risky cybersecurity behaviours. Participants were tasked to manage 45 emails for 30 minutes, which included 4 phishing emails. We found that, under high workload, participants had higher physiological arousal and longer fixations, and spent half as much time reading email compared to low workload. There was no main effect for workload on phishing clicking, however a post-hoc analysis revealed that participants were more likely to click on task-relevant phishing emails compared to non-relevant phishing emails during high workload whereas there was no difference during low workload. We discuss the implications of state of mind and attention related to risky cybersecurity behaviour.

View More Papers

A Two-Layer Blockchain Sharding Protocol Leveraging Safety and Liveness...

Yibin Xu (University of Copenhagen), Jingyi Zheng (University of Copenhagen), Boris Düdder (University of Copenhagen), Tijs Slaats (University of Copenhagen), Yongluan Zhou (University of Copenhagen)

Read More

Investigating User Behaviour Towards Fake News on Social Media...

Yasmeen Abdrabou (University of the Bundeswehr Munich), Elisaveta Karypidou (LMU Munich), Florian Alt (University of the Bundeswehr Munich), Mariam Hassib (University of the Bundeswehr Munich)

Read More

Group-based Robustness: A General Framework for Customized Robustness in...

Weiran Lin (Carnegie Mellon University), Keane Lucas (Carnegie Mellon University), Neo Eyal (Tel Aviv University), Lujo Bauer (Carnegie Mellon University), Michael K. Reiter (Duke University), Mahmood Sharif (Tel Aviv University)

Read More

SyzBridge: Bridging the Gap in Exploitability Assessment of Linux...

Xiaochen Zou (UC Riverside), Yu Hao (UC Riverside), Zheng Zhang (UC RIverside), Juefei Pu (UC RIverside), Weiteng Chen (Microsoft Research, Redmond), Zhiyun Qian (UC Riverside)

Read More