Predictors of Phishing Susceptibility Derived from Logistic Regression.

<p>Main effect of years of education on reported phishing suspiciousness (A). Age group interaction effects with prior phishing knowledge (B) and NAB Mazes score (C). Error bars and shaded bands represent 95% confidence intervals.</p

Results of the Logistic Regression Analysis Predicting Phishing Suspiciousness.

<p>Results of the Logistic Regression Analysis Predicting Phishing Suspiciousness.</p

Phishing suspiciousness in older and younger adults: The role of executive functioning

<div><p>Phishing is the spoofing of Internet websites or emails aimed at tricking users into entering sensitive information, with such goals as financial or identity theft. The current study sought to determine whether age is associated with increased susceptibility to phishing and whether tests of executive functioning can predict phishing susceptibility. A total of 193 cognitively intact participants, 91 younger adults and 102 older adults, were primarily recruited through a Psychology department undergraduate subject pool and a gerontology research registry, respectively. The Executive Functions Module from the Neuropsychological Assessment Battery and the Iowa Gambling Task were the primary cognitive predictors of reported phishing suspiciousness. Other predictors included age group (older vs. younger), sex, education, race, ethnicity, prior knowledge of phishing, prior susceptibility to phishing, and whether or not browsing behaviors were reportedly different in the laboratory setting versus at home. A logistic regression, which accounted for a 22.7% reduction in error variance compared to the null model and predicted phishing suspiciousness with 73.1% (95% CI [66.0, 80.3]) accuracy, revealed three statistically significant predictors: the main effect of education (<i>b</i> = 0.58, <i>SE</i> = 0.27) and the interactions of age group with prior awareness of phishing (<i>b</i> = 2.31, <i>SE</i> = 1.12) and performance on the Neuropsychological Assessment Battery Mazes test (<i>b</i> = 0.16, <i>SE</i> = 0.07). Whether or not older adults reported being suspicious of the phishing attacks used in this study was partially explained by educational history and prior phishing knowledge. This suggests that simple educational interventions may be effective in reducing phishing vulnerability. Although one test of executive functioning was found useful for identifying those at risk of phishing susceptibility, four tests were not found to be useful; these results speak to the need for more ecologically valid tools in clinical neuropsychology.</p></div

Participant Demographics, Cognitive Test Scores, and Questionnaire Responses.

<p>Participant Demographics, Cognitive Test Scores, and Questionnaire Responses.</p

Example of a Deep-Level Phishing Web Page Encountered by Study Participants.

<p>A dynamically generated deep-level webpage on the Amazon phishing website (any level of webpages can be generated and presented to users in real-time).</p

Example of a Phishing Home Page Encountered by Study Participants.

<p>A dynamically generated homepage on the Amazon phishing website (it presents the same content that is actually displayed on the legitimate Amazon website).</p