AbstractIn this research, 153 employees at a National Laboratory received one of one of four different phishing emails. All of the emails were similar in content, but systematically varied according to the number and combination of phishing tactics in the message. Participants were unaware they would be receiving the email, which was sent during regular business hours. After receiving the emails, participants completed online questionnaires designed to measure possible predictors of phishing attack susceptibility. The significant predictors included how suspicious participants were of the email and their reported level of distress related to their work prior to completing the study.
Published: August 25, 2023