Persuading end users to act cautiously online: a fear appeals study on phishing

Jurjen Jansen (Cybersafety Research Group, NHL University of Applied Sciences, Leeuwarden, The Netherlands and Faculty of Humanities and Law, Open University, The Netherlands)
Paul van Schaik (School of Social Sciences, Business and Law, Teesside University, Middlesbrough, UK)

Information and Computer Security

ISSN: 2056-4961

Publication date: 9 July 2018

Abstract

Purpose

The purpose of this paper is to test the protection motivation theory (PMT) in the context of fear appeal interventions to reduce the threat of phishing attacks. In addition, it was tested to what extent the model relations are equivalent across fear appeal conditions and across time.

Design/methodology/approach

A pre-test post-test design was used. In the pre-test, 1,201 internet users filled out an online survey and were presented with one of three fear appeal conditions: strong fear appeal, weak fear appeal and control condition. Arguments regarding vulnerability of phishing attacks and response efficacy of vigilant online information-sharing behaviour were manipulated in the fear appeals. In the post-test, data were collected from 786 internet users and analysed with partial least squares path modelling.

Findings

The study found that PMT model relations hold in the domain of phishing. Self-efficacy and fear were the most important predictors of protection motivation. In general, the model results were equivalent across conditions and across time.

Practical Implications

It is important to consider online information-sharing behaviour because it facilitates the occurrence and success of phishing attacks. The results give practitioners more insight into important factors to address in the design of preventative measures to reduce the success of phishing attacks. Future research is needed to test how fear appeals work in real-world settings and over longer periods.

Originality/value

This paper is a substantial adaptation of a previous conference paper (Jansen and Van Schaik, 2017a, b).

Keywords

Acknowledgements

This study is part of the Dutch Research Program on Safety and Security of Online Banking. This program is funded by the Dutch banking sector (represented by the Dutch Banking Association), the Police Academy and the Dutch National Police. The funders primarily took on a facilitating role in the entire research process and occasionally provided feedback on written materials, such as the questionnaire and the manuscript.

Citation

Jansen, J. and van Schaik, P. (2018), "Persuading end users to act cautiously online: a fear appeals study on phishing", Information and Computer Security, Vol. 26 No. 3, pp. 264-276. https://doi.org/10.1108/ICS-03-2018-0038

Download as .RIS

Publisher

:

Emerald Publishing Limited

Copyright © 2018, Emerald Publishing Limited

Please note you might not have access to this content

You may be able to access this content by login via Shibboleth, Open Athens or with your Emerald account.
If you would like to contact us about accessing this content, click the button and fill out the form.
To rent this content from Deepdyve, please click the button.