Examining the Coping Appraisal Process in End User Security

Protection Motivation Theory, which models the appraisal processes individuals make in regard to potential threats and safeguards, has informed a number of previous empirical studies on information security. However, none have accounted for the possibility of multiple countermeasures. In this study, we investigated this possibility by analyzing the responses of computer users who could potentially suffer malware infections. Initial results suggest that high levels of self-efficacy and low levels of response costs motivate the intentions to adopt one countermeasure over another

The Effectiveness of Deceptive Tactics in Phishing

Phishing, or the attempt of criminals to obtain sensitive information through a variety of techniques, is still a serious problem for IT managers and Internet consumers. With over 57 million Americans exposed to phishing in 2005, a reported 5% of recipients were victimized. Some believe that one percent of all email is phishing-related, and estimates of financial losses vary from 100 million to 1 billion dollars (US) a year (Goth, 2005). Our research examines the properties in a phishing email that may or may not influence the users to give out personal and sensitive information. For this field experiment we use students to test the effect that certain types of content have on the phishing process. The study outcomes suggest that user’s do not pay attention to the sender’s domain in a phishing email but do respond to personalized messages and messages that demand an immediate response

Broadband Internet Access as a Localized Resource for Facilitating Information Security Knowledge

With an increasing number of threats to cybersecurity, research continues to focus on methods and behaviors by which individuals may better protect themselves. The availability of broadband infrastructure has been proposed to improve city and regional economic, educational, and health-related prospects, but its impact on facilitating security knowledge gathering has yet to be studied. This study assesses the influence of broadband availability, using data collected from 894 Internet users from across the United States, with multiple analysis techniques supported by geographical information systems (GIS). The results indicate that broadband access, in addition to age and education level, is associated with higher levels of security knowledge. Moreover, geographical weighted regression analyses suggest that the significant variables vary in influence based on their locality

The Decision to Share Information and Rumors: Examining the Role of Motivation in an Online Discussion Forum

The focus of this study is to examine the motivations of online community members to share information and rumors. We investigated an online community of interest, the members of which voluntarily associate and communicate with people with similar interests. Community members, posters and lurkers alike, were surveyed on the influence of extrinsic and intrinsic motivations, as well as normative influences, on their willingness to share information and rumors with others. The results indicated that posters and lurkers are differently motivated by intrinsic factors to share, and that extrinsic rewards like improved reputation and status-building within the community are motivating factors for rumor mongering. The results are discussed and future directions for this area of research are offered

Invited Paper: The Times they are a Changin’: How Non- Technology Factors have Affected IS Curriculum over Time

Changes to degree programs in Information Systems are often attributed to quickly-evolving technology and the subsequent changing needs of the employers who hire IS graduates. In this paper, we explore other social and economic factors that were the inspiration for curriculum changes by assigning them to one of four eras in the IS timeline. Using enrollment figures and archival data, we identify both legitimate reasons and misconceptions that led to fluctuating programming requirements, the rise and fall of trendy courses, and the wholesale elimination of programs and faculty positions. We conclude the paper by using our findings to speculate what the future of IS education could look like and how degree programs should prepare for the next era of IS academia

Extending Ecommerce Deception Theory to Phishing

Phishing threatens the information security of Internet users and corporations. Where most research focuses on the phisher’s website, i.e., how to determine if a website is legitimate, this study examines the email that begins the phishing process. To understand why Internet consumers respond to phisher’s emails by sharing sensitive information, we draw on models of e-commerce deception to explain the efficacy of phishing strategies. To test our hypotheses, we conducted a field experiment that manipulated the content of phishing emails. Consistent with our hypotheses, we found content manipulations improved the likelihood of our subjects’ conveying sensitive information. Further, we found that cognitive processes can influence a consumer’s likelihood of being deceived. However, hypotheses about deception support mechanisms and presentation manipulations were not supported. In sum, we find support for the general theory of ecommerce deception as well as our cognitive processing explanations for phishing’s effectiveness