Phishing is an online scam where criminals trick users with various strategies, with the goal of obtaining sensitive information or compromising accounts, systems, and/or other personal or organisational Information Technology resources. Multiple studies have shown that human factors influence the success of phishing attempts. However, these studies were conducted before the COVID-19 pandemic, which is significant because security reports show that the numbers of phishing attacks have been rapidly increasing since the start of COVID-19. This study investigates the extent to which users’ fear, anxiety and stress levels regarding COVID-19, impact falling for common and COVID-19 themed phishing scams during the outbreak period. Prior studies have depicted the effects of human behaviour on phishing attacks before the pandemic, such as risk-taking preferences and users’ demographic factors, hence this study also focuses on the effects of those factors on the likelihood of phishing victimisation. More concretely, we present the results of a scenario-based roleplay experiment to study the relationship between fear, anxiety, stress, risk-taking, and demographic factors and the success of phishing attacks during the pandemic. The findings indicate that fear of COVID-19 influences the success of COVID-19 specific themed phishing scams, while anxiety, stress, and risk-taking influences the success of both the COVID-19 themed and common phishing scams. Our findings also suggest that the users’ education level impacts common phishing attacks during the pandemic.
The Impact of Workload on Phishing Susceptibility: An Experiment
Phishing is when social engineering is used to deceive a person into sharing sensitive information or downloading...