17 research outputs found
“A Bank Would Never Write That!” - A Qualitative Study on E-Mail Trust Decisions
In order to communicate the risk of fraudulent e-mails to users properly, it is important to know which aspects they focus on when evaluating the trustworthiness of an e-mail. To that end, a study was conducted to test predictions derived from a decision model by asking participants how they would react to each of eight e-mails and why. The study confirms results from previous research showing that content as well as visual and linguistic aspects, but also technical aspects such as sender address and link URL are considered by recipients. It also adds new findings like the fact that through experience and education, users form rules such as “A bank will never
ask you for account details via e-mail” or the fact that attachments in HTML format or implausible sending times raise suspicions in users. These findings can be used to inform the design of anti-fraud education and user interfaces of e-mail clients
Characterizing and Predicting Email Deferral Behavior
Email triage involves going through unhandled emails and deciding what to do
with them. This familiar process can become increasingly challenging as the
number of unhandled email grows. During a triage session, users commonly defer
handling emails that they cannot immediately deal with to later. These deferred
emails, are often related to tasks that are postponed until the user has more
time or the right information to deal with them. In this paper, through
qualitative interviews and a large-scale log analysis, we study when and what
enterprise email users tend to defer. We found that users are more likely to
defer emails when handling them involves replying, reading carefully, or
clicking on links and attachments. We also learned that the decision to defer
emails depends on many factors such as user's workload and the importance of
the sender. Our qualitative results suggested that deferring is very common,
and our quantitative log analysis confirms that 12% of triage sessions and 16%
of daily active users had at least one deferred email on weekdays. We also
discuss several deferral strategies such as marking emails as unread and
flagging that are reported by our interviewees, and illustrate how such
patterns can be also observed in user logs. Inspired by the characteristics of
deferred emails and contextual factors involved in deciding if an email should
be deferred, we train a classifier for predicting whether a recently triaged
email is actually deferred. Our experimental results suggests that deferral can
be classified with modest effectiveness. Overall, our work provides novel
insights about how users handle their emails and how deferral can be modeled
Third Person Effect and Internet Privacy Risks
The current study tests the third-person effect (TPE) in the context of Internet privacy. TPE refers to the phenomenon that people tend to perceive greater media effects on others than on themselves. The behavioral component of TPE holds that the self-others perceptual gap is positively associated with support for restricting harmful media messages. Using a sample (N=613) from Amazon Mturk, the current research documented firm support for the perceptual and behavioral components of TPE in the context of Internet privacy. Moreover, social distance, perceived Internet privacy knowledge, negative online privacy experiences, and Internet use were found to be significant predictors of the TPE perceptions of Internet privacy risks. There are four novel contributions of the current study. First, this study systematically tests TPE in a new context―Internet privacy. Second, this study examines five antecedents of TPE perceptions, of which perceived Internet privacy knowledge, negative online privacy experiences, and Internet use are novel to TPE studies. Unlike prior studies which assume social distance and desirability of media content, the current study provides direct empirical tests of these two antecedents. Third, prior research primarily examines support for censorship of harmful media messages, a context in which individuals do not have control over policy enforcement. In the case of Internet privacy, people can decide whether to adopt privacy protective measures or not. The current study addresses two types of behavioral intentions to reduce privacy risks: (1) the willingness to adopt online privacy protection measures; and (2) recommend such measures to others. Fourth, unlike prior studies using fear based theories to investigate Internet privacy issues, the current tests Internet privacy from a novel perspective—TPE theory