IJISC
  • Indexed in

  • Latest News

    December 30, 2024
    Volume 13, Issue 2 of the International Journal of Information Security and Cybercrime was published
    July 1, 2024
    Volume 13, Issue 1 of the International Journal of Information Security and Cybercrime was published
    December 27, 2023
    Volume 12, Issue 2 of the International Journal of Information Security and Cybercrime was published
  • --- More News ---
  • Popular Articles

  • The Role of Phishing Victims’ Neuroticism: Reasons Behind the Lack of Consensus


    Author(s): LÓPEZ-AGUILAR, Pablo; SOLANAS, Agusti

    Quick view | Full article | Citations | Views: 421


    Author(s) keywords: , , ,


    Reference keywords: , ,


    Abstract:

    The growing use of electronic devices along with the anxiety resulting from the COVID19 pandemic set the ground for cybercriminals to take advantage of a larger number of victims and undertake their massive phishing campaigns. Technical measures are widely developed, and the human factor is still the weakest link in the chain. Whilst existing literature suggests that the effect of neuroticism, as one of the Big-Five personality traits, might play an important role in human behaviour in the phishing context, results do not provide uniform outcomes with regards to the influence of this trait in phishing victimisation. With the aim to analyse those results, this article provides a synthesis of the studies aimed at improving the understanding of this trait, and collects evidence that the small samples size used in most of the studies along with their lack of uniformity are behind the contradictory conclusions found on the role of neuroticism and human susceptibility to phishing attacks.



    References:

    [1]. The EU’s Cybersecurity Strategy in the Digital Decade, December 2020, https://digital-strategy.ec.europa.eu/en/library/eus-cybersecurity-strategy-digital-decade.
    [2]. Lastdrager, E. E. (2014). Achieving a consensual definition of phishing based on a systematic review of the literature. Crime Science, 3(1), 1-10.
    [3]. Anti-Phishing Working Group (APWG), https://apwg.org/.
    [4]. APWG report, 1Q, 2021, https://docs.apwg.org/reports/apwg trends report q1 2021.pdf.
    [5]. APWG report, 4Q, 2020, https://docs.apwg.org/reports/apwg trends report q4 2020.pdf.
    [6]. Lopez-Aguilar, P., & Solanas, A. (2021). Human Susceptibility to Phishing Attacks Based on Personality Traits: The Role of Neuroticism. In 2021 Computer Society Signature Conference on Computers, Software and Applications (pp. 1-6). IEEE.
    [7]. Sumner, A., & Yuan, X. (2019, April). Mitigating Phishing Attacks: An Overview. In Proceedings of the 2019 ACM Southeast Conference (pp. 72-77).
    [8]. Gupta, B. B., Arachchilage, N. A., & Psannis, K. E. (2018). Defending against phishing attacks: taxonomy of methods, current issues and future directions. Telecommunication Systems, 67(2), 247-267.
    [9]. Gosling, S. D., Rentfrow, P. J., & Swann Jr, W. B. (2003). A very brief measure of the Big-Five personality domains. Journal of Research in personality, 37(6), 504-528.
    [10]. Parrish Jr, J. L., Bailey, J. L., & Courtney, J. F. (2009). A personality based model for determining susceptibility to phishing attacks. Little Rock: University of Arkansas, 285-296.
    [11]. Frauenstein, E. D., & Flowerday, S. (2020). Susceptibility to phishing on social network sites: A personality information processing model. Computers & Security, 94, 101862.
    [12]. Weirich, D., & Sasse, M. A. (2001, September). Pretty good persuasion: a first step towards effective password security in the real world. In Proceedings of the 2001 workshop on New security paradigms (pp. 137-143).
    [13]. Vishwanath, A. (2015). Examining the distinct antecedents of e-mail habits and its influence on the outcomes of a phishing attack. Journal of Computer-Mediated Communication, 20(5), 570-584.
    [14]. Van de Weijer, S. G., & Leukfeldt, E. R. (2017). Big five personality traits of cybercrime victims. Cyberpsychology, Behavior, and Social Networking, 20(7), 407-412.
    [15]. Baki, S., Verma, R. M., & Gnawali, O. (2020, October). Scam Augmentation and Customization: Identifying Vulnerable Users and Arming Defenders. In Proceedings of the 15th ACM Asia Conference on Computer and Communications Security (pp. 236-247).
    [16]. Halevi, T., Lewis, J., & Memon, N. (2013, May). A pilot study of cyber security and privacy related behavior and personality traits. In Proceedings of the 22nd international conference on world wide web (pp. 737-744).
    [17]. McCormac, A., Zwaans, T., Parsons, K., Calic, D., Butavicius, M., & Pattinson, M. (2017). Individual differences and information security awareness. Computers in Human Behavior, 69, 151-156.
    [18]. Sudzina, F., & Pavlicek, A. (2020). Virtual Offenses: Role of Demographic Factors and Personality Traits. Information, 11(4), 188.
    [19]. Kajzer, M., D’Arcy, J., Crowell, C. R., Striegel, A., & Van Bruggen, D. (2014). An exploratory investigation of message-person congruence in information security awareness campaigns. Computers & security, 43, 64-76.
    [20]. Alohali, M., Clarke, N., Li, F., & Furnell, S. (2018). Identifying and predicting the factors affecting end-users’ risk-taking behavior. Information & Computer Security.
    [21]. Albladi, S. M., & Weir, G. R. (2017, November). Personality traits and cyber-attack victimisation: Multiple mediation analysis. In 2017 Internet of Things Business Models, Users, and Networks (pp. 1-6). IEEE.



    Additional Information

    Article Title: The Role of Phishing Victims’ Neuroticism: Reasons Behind the Lack of Consensus
    Author(s): LÓPEZ-AGUILAR, Pablo; SOLANAS, Agusti
    Date of Publication: 2021-12-28
    Publication: International Journal of Information Security and Cybercrime
    ISSN: 2285-9225 e-ISSN: 2286-0096
    Digital Object Identifier: 10.19107/IJISC.2021.02.07
    Issue: Volume 10, Issue 2, Year 2021
    Section: Cyber-Attacks Evolution and Cybercrime Trends
    Page Range: 75-80 (6 pages)



    Copyright ©2012-2025
    The International Journal of Information Security and Cybercrime (IJISC)

    All rights reserved
    The International Journal of Information Security and Cybercrime is a trademark of the Romanian Association for Information Security Assurance (RAISA).
    No part of this publication may be reproduced, stored in a retrieval system, photocopied, recorded or archived, without the written permission from RAISA. When authors submit their papers for publication, they agree that the copyright for their article be transferred to the Romanian Association for Information Security Assurance, if the articles are accepted for publication. The copyright covers the exclusive rights to reproduce and distribute the article, including reprints and translations.