A study from the Polytechnic Institute of New York University examining the factors that cause people to be more susceptible to phishing
attacks found strong correlations between gender, certain personality traits, and openness orientation to social networking
and being more vulnerable to such an attack.
The three authors of the study, which include individuals from computer science; electrical and computer engineering; and technology, culture, and society areas, used the Big Five personality framework as a reference point in determining the traits that might contribute to a greater vulnerability to a phishing attack. The five dimensions are Neuroticism, Extroversion, Openness, Agreeableness, and Conscientiousness.
The test email, with notations
The test was conducted on 100 psychology students from a class at a “small Northeast engineering college”, and as part of the experiment, participants were given a link to an online questionnaire that they were to fill out. The team used the students’ email address to send a prepared phishing email promising an Apple
product to the first one to click a link in the email.
Put simply, the email was dressed up to look as phony as any phishing email is, complete with spelling errors--a classic prize scam email.
17% of the users--that is to say, 17 people--succumbed to the phishing scam. Based on the information gleaned from the online survey, the researchers found that women were more susceptible to the phish than men, as were people who scored higher on neuroticism. Also of note, those who tended to be more engaged Facebook users--i.e., more frequent posters who used more open privacy settings--were more likely to be victims of the scam.