Spear-Phishing Susceptibility Stemming From Personality Traits

Spear-Phishing Susceptibility Stemming From Personality Traits

This study explores the psychological aspects of social engineering by analyzing personality traits in the context of spear-phishing attacks. Phishing emails were constructed by leveraging multiple vulnerable personality traits to maximize the success of an attack. The emails were then used to test...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Veröffentlicht in:IEEE access 2022, Vol.10, p.73548-73561
Hauptverfasser: Eftimie, Sergiu, Moinescu, Radu, Racuciu, Ciprian
Format: Artikel
Sprache:eng
Schlagworte:
Companies
Cyber security
Cybersecurity
Electronic mail
human behavior
Personality tests
Personality traits
Phishing
Psychological factors
Psychology
Regression analysis
Security
social engineering
Software
Software development
spear-phishing
Training
Online-Zugang:Volltext
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:This study explores the psychological aspects of social engineering by analyzing personality traits in the context of spear-phishing attacks. Phishing emails were constructed by leveraging multiple vulnerable personality traits to maximize the success of an attack. The emails were then used to test several hypotheses regarding phishing susceptibility by simulating a series of spear-phishing campaigns inside a software development company. The company's employees underwent a standard Big Five personality test, four different phishing emails over four weeks, and cybersecurity training. The results were aggregated before and after the cybersecurity course, and binary logistic regression analyses were performed at each phase of the phishing attack. The results show that personality traits correlate with phishing susceptibility under certain circumstances and pave the way for new methods of protecting individuals from phishing attacks.
ISSN:2169-3536
2169-3536
DOI:10.1109/ACCESS.2022.3190009