Cognitive Engineering Modeling of Phishing
Event Type
Virtual Program Session
TimeFriday, October 14th12:30pm - 12:45pm EDT
DescriptionUsing signal detection theory (SDT) and fuzzy SDT, the influence of familiarity with phishing and having a background in cybersecurity on phishing behavior was examined. The results from SDT analysis indicated that familiarity with phishing only accounted for 11% of the variance in sensitivity and 5% in bias. When examining the same using Fuzzy SDT, familiarity with phishing accounted for 6% of the variance in bias. Background in cybersecurity had a statistically significant effect on sensitivity and bias in classical SDT but only on bias in fuzzy SDT. A confusion matrix revealed that the percentage of successfully transmitted infor- mation from the stimuli to the judgements made by participants was only 26%. Participants most frequently identified requests for personal information in stimulus emails as phishing cues. Future research should continue to explore application of the different cognitive engineering models to phishing behavior.