Search results

1 – 10 of over 23000
To view the access options for this content please click here
Article
Publication date: 9 August 2021

Piers Bayl-Smith, Ronnie Taib, Kun Yu and Mark Wiggins

This study aims to examine the effect of cybersecurity threat and efficacy upon click-through, response to a phishing attack: persuasion and protection motivation in an…

Abstract

Purpose

This study aims to examine the effect of cybersecurity threat and efficacy upon click-through, response to a phishing attack: persuasion and protection motivation in an organizational context.

Design/methodology/approach

In a simulated field trial conducted in a financial institute, via PhishMe, employees were randomly sent one of five possible emails using a set persuasion strategy. Participants were then invited to complete an online survey to identify possible protective factors associated with clicking and reporting behavior (N = 2,918). The items of interest included perceived threat severity, threat susceptibility, response efficacy and personal efficacy.

Findings

The results indicate that response behaviors vary significantly across different persuasion strategies. Perceptions of threat susceptibility increased the likelihood of reporting behavior beyond clicking behavior. Threat susceptibility and organizational response efficacy were also associated with increased odds of not responding to the simulated phishing email attack.

Practical implications

This study again highlights human susceptibility to phishing attacks in the presence of social engineering strategies. The results suggest heightened awareness of phishing threats and responsibility to personal cybersecurity are key to ensuring secure business environments.

Originality/value

The authors extend existing phishing literature by investigating not only click-through behavior, but also no-response and reporting behaviors. Furthermore, the authors observed the relative effectiveness of persuasion strategies used in phishing emails as they compete to manipulate unsafe email behavior.

Details

Information & Computer Security, vol. ahead-of-print no. ahead-of-print
Type: Research Article
ISSN: 2056-4961

Keywords

To view the access options for this content please click here
Article
Publication date: 3 August 2021

Suganthi Manoharan, Norliza Katuk, Syahida Hassan and Rahayu Ahmad

Despite internet banking’s popularity, there is a rise in phishing attacks related to online banking transactions. Phishing attacks involved the process of sending out…

Abstract

Purpose

Despite internet banking’s popularity, there is a rise in phishing attacks related to online banking transactions. Phishing attacks involved the process of sending out electronic mails impersonating the valid banking institutions to their customers and demanding confidential data such as credential and transaction authorisation code. The purpose of this paper is to propose a theoretical model of individual and technological factors influencing Malaysian internet banking users’ intention in responding to malicious uniform resource locator (URL) in phishing email content.

Design/methodology/approach

It applied the protective motivation theory, the theories of reasoned action and planned behaviour, the habit theory and the trust theory to examine the factors influencing internet banking users’ intention to click URLs in phishing emails. The study identifies individual and technological factors with ten hypotheses. A total of 368 Malaysian respondents voluntarily participated in an online survey conducted in the first week of March 2021. The partial least squares method provided in SmartPLS-3 was used to model the data.

Findings

The results revealed that individual factors, namely, internet banking experience, understanding the phishing meaning, response cost, trust and perceived ability were the significant influencing factors of internet banking users’ intention to click the link in phishing emails. This study also suggested that technological factors were not relevant in describing the behavioural intention of internet banking users in clicking the links in phishing emails.

Social implications

The findings could contribute to Malaysian banking sectors and relevant government agencies in educating and increasing internet banking users’ awareness towards phishing emails.

Originality/value

The outcomes demonstrated the individual factors that influenced internet banking users’ intention in responding to phishing emails that are specific and relevant to Malaysia’s context.

Details

Information & Computer Security, vol. ahead-of-print no. ahead-of-print
Type: Research Article
ISSN: 2056-4961

Keywords

Content available
Article
Publication date: 14 July 2021

Molly Cooper, Yair Levy, Ling Wang and Laurie Dringus

This study introduces the concept of audiovisual alerts and warnings as a way to reduce phishing susceptibility on mobile devices.

Abstract

Purpose

This study introduces the concept of audiovisual alerts and warnings as a way to reduce phishing susceptibility on mobile devices.

Design/methodology/approach

This study has three phases. The first phase included 32 subject matter experts that provided feedback toward a phishing alert and warning system. The second phase included development and a pilot study to validate a phishing alert and warning system prototype. The third phase included delivery of the Phishing Alert and Warning System (PAWSTM mobile app) to 205 participants. This study designed, developed, as well as empirically tested the PAWSTM mobile app that alerted and warned participants to the signs of phishing in emails on mobile devices.

Findings

The results of this study indicated audio alerts and visual warnings potentially lower phishing susceptibility in emails. Audiovisual warnings appeared to assist study participants in noticing phishing emails more easily and in less time than without audiovisual warnings.

Practical implications

This study's implications to mitigation of phishing emails are key, as it appears that alerts and warnings added to email applications may play a significant role in the reduction of phishing susceptibility.

Originality/value

This study extends the existing information security body of knowledge on phishing prevention and awareness by using audiovisual alerts and warnings to email recipients tested in real-life applications.

Details

Organizational Cybersecurity Journal: Practice, Process and People, vol. 1 no. 1
Type: Research Article
ISSN: 2635-0270

Keywords

To view the access options for this content please click here
Book part
Publication date: 1 September 2014

Martin G.A. Svensson and Alf Westelius

Emailing does not preclude emotional exchange and many times it causes us to engage in spiralling exchanges of increasingly angry emailing. The purpose of this chapter is…

Abstract

Emailing does not preclude emotional exchange and many times it causes us to engage in spiralling exchanges of increasingly angry emailing. The purpose of this chapter is threefold: to explore how factors of temporality are related to anger when emailing, to model circumstances that protect against, but also ignite, anger escalation, and to raise a discussion for practitioners of how to avoid damaging email communication. By intersecting literature on communication, information systems, psychology and organisational studies, factors leading to an ‘emotional verge’ are identified and summarised in a model showing factors likely to prime, but also protect against, anger escalation.

Details

Individual Sources, Dynamics, and Expressions of Emotion
Type: Book
ISBN: 978-1-78190-889-1

Keywords

To view the access options for this content please click here
Article
Publication date: 4 February 2021

Elise Ferer

To describe how a personal librarian program at a large university developed, has evolved, and continues to function. This paper aims to assist other librarians in…

Abstract

Purpose

To describe how a personal librarian program at a large university developed, has evolved, and continues to function. This paper aims to assist other librarians in developing their own personal librarian programs. It will also assist librarians who are working to connect to students.

Design/methodology/approach

To produce this paper, internal documents were reviewed, existing data were investigated, those who assisted in the development of the program were consulted and literature on personal librarian programs was reviewed.

Findings

Personal librarian programs can be an efficient way to connect to students and can create awareness about library services, especially without a formal orientation for new students. The personal librarian program discussed here connects the library to a large number of students with little time and effort. Planning is important in developing a working program.

Practical implications

Librarians can use this article to understand how a personal librarians program functions and how it can benefit their libraries. The paper emphasizes revising an existing program to work more effectively and using planning documents and assessment to help an outreach program run smoothly.

Originality/value

This paper details how a personal librarian program was developed and has evolved as well as how the program functions. The value is in the ways in which the program has been revised and has evolved and in the role that planning has taken in creating an effective program.

Details

Reference Services Review, vol. 49 no. 1
Type: Research Article
ISSN: 0090-7324

Keywords

To view the access options for this content please click here
Article
Publication date: 4 June 2020

Antonia Michael and Jan Eloff

Malicious activities conducted by disgruntled employees via an email platform can cause profound damage to an organization such as financial and reputational losses. This…

Abstract

Purpose

Malicious activities conducted by disgruntled employees via an email platform can cause profound damage to an organization such as financial and reputational losses. This threat is known as an “Insider IT Sabotage” threat. This involves employees misusing their access rights to harm the organization. Events leading up to the attack are not technical but rather behavioural. The problem is that owing to the high volume and complexity of emails, the risk of insider IT sabotage cannot be diminished with rule-based approaches.

Design/methodology/approach

Malicious human behaviours that insiders within the insider IT sabotage category would possess are studied and mapped to phrases that would appear in email communications. A large email data set is classified according to behavioural characteristics of these employees. Machine learning algorithms are used to identify occurrences of this insider threat type. The accuracy of these approaches is measured.

Findings

It is shown in this paper that suspicious behaviour of disgruntled employees can be discovered, by means of machine intelligence techniques. The output of the machine learning classifier depends mainly on the depth and quality of the phrases and behaviour analysis, cleansing and number of email attributes examined. This process of labelling content in isolation could be improved if other attributes of the email data are included, such that a confidence score can be computed for each user.

Originality/value

This research presents a novel approach to show that the creation of a prototype that can automate the detection of insider IT sabotage within email systems to mitigate the risk within organizations.

Details

Information & Computer Security, vol. 28 no. 4
Type: Research Article
ISSN: 2056-4961

Keywords

Content available
Article
Publication date: 23 July 2020

Rami Mustafa A. Mohammad

Spam emails classification using data mining and machine learning approaches has enticed the researchers' attention duo to its obvious positive impact in protecting…

Abstract

Spam emails classification using data mining and machine learning approaches has enticed the researchers' attention duo to its obvious positive impact in protecting internet users. Several features can be used for creating data mining and machine learning based spam classification models. Yet, spammers know that the longer they will use the same set of features for tricking email users the more probably the anti-spam parties might develop tools for combating this kind of annoying email messages. Spammers, so, adapt by continuously reforming the group of features utilized for composing spam emails. For that reason, even though traditional classification methods possess sound classification results, they were ineffective for lifelong classification of spam emails duo to the fact that they might be prone to the so-called “Concept Drift”. In the current study, an enhanced model is proposed for ensuring lifelong spam classification model. For the evaluation purposes, the overall performance of the suggested model is contrasted against various other stream mining classification techniques. The results proved the success of the suggested model as a lifelong spam emails classification method.

Details

Applied Computing and Informatics, vol. ahead-of-print no. ahead-of-print
Type: Research Article
ISSN: 2634-1964

Keywords

To view the access options for this content please click here
Article
Publication date: 7 July 2020

Ammara Zamir, Hikmat Ullah Khan, Waqar Mehmood, Tassawar Iqbal and Abubakker Usman Akram

This research study proposes a feature-centric spam email detection model (FSEDM) based on content, sentiment, semantic, user and spam-lexicon features set. The purpose of…

Abstract

Purpose

This research study proposes a feature-centric spam email detection model (FSEDM) based on content, sentiment, semantic, user and spam-lexicon features set. The purpose of this study is to exploit the role of sentiment features along with other proposed features to evaluate the classification accuracy of machine learning algorithms for spam email detection.

Design/methodology/approach

Existing studies primarily exploits content-based feature engineering approach; however, a limited number of features is considered. In this regard, this research study proposed a feature-centric framework (FSEDM) based on existing and novel features of email data set, which are extracted after pre-processing. Afterwards, diverse supervised learning techniques are applied on the proposed features in conjunction with feature selection techniques such as information gain, gain ratio and Relief-F to rank most prominent features and classify the emails into spam or ham (not spam).

Findings

Analysis and experimental results indicated that the proposed model with sentiment analysis is competitive approach for spam email detection. Using the proposed model, deep neural network applied with sentiment features outperformed other classifiers in terms of classification accuracy up to 97.2%.

Originality/value

This research is novel in this regard that no previous research focuses on sentiment analysis in conjunction with other email features for detection of spam emails.

Details

The Electronic Library , vol. 38 no. 3
Type: Research Article
ISSN: 0264-0473

Keywords

To view the access options for this content please click here
Article
Publication date: 21 March 2016

Anthony Cocciolo

The purpose of this study is to evaluate strategies to appraise email correspondence to select significant email for permanent preservation without capturing trivial or…

Downloads
1358

Abstract

Purpose

The purpose of this study is to evaluate strategies to appraise email correspondence to select significant email for permanent preservation without capturing trivial or personal emails. The strategies were tested on the actual email accounts of selected individuals occupying important roles within an important cultural institution in the Northeastern USA.

Design/methodology/approach

Treating this art museum as a case study site, email messages are manually appraised for retention using a rubric. Following the appraisal, strategies for expediting this appraisal process, using what is learned from the manual appraisal process, are explored.

Findings

A major finding of this study is that sent mail is almost always significant, although preserving only sent mail, or preserving sent mail in combination with inbox items that have been acted upon (replied to or forwarded), are not sufficient to capture significant correspondence. Rather, a social network approach holds the most promise to accelerate the process of email appraisal.

Originality/value

This study provides empirically grounded strategies for appraising email for permanent retention.

Details

Records Management Journal, vol. 26 no. 1
Type: Research Article
ISSN: 0956-5698

Keywords

To view the access options for this content please click here
Article
Publication date: 1 June 2001

Thomas Jackson, Ray Dawson and Darren Wilson

The use of email by employees at the Danwood Group was studied and it was found that the interrupt effect from emails is more than generally believed. Employees allowed…

Downloads
1122

Abstract

The use of email by employees at the Danwood Group was studied and it was found that the interrupt effect from emails is more than generally believed. Employees allowed themselves to be interrupted almost as frequently as telephone calls and the common reaction to the arrival of an email is to react almost as quickly as they would respond to telephone calls. This means the interrupt effect is comparable with that of a telephone call. The recovery time from an email interruption was found to be significantly less than the published recovery time for telephone calls. It is to be concluded, therefore, that while Email is still less disruptive than the telephone, the way the majority of users handle their incoming email has been shown to give far more interruption than expected. By analysing the data captured the authors have been able to create recommendations for a set of guidelines for email usage within the workplace that will increase employee efficiency by reducing the prominence of interruptions, restricting the use of email‐to‐all messages, setting‐up the email application to display three lines of the email and to check for email less frequently. It is recommended that training should be given to staff on how to use email more effectively to increase employee productivity.

Details

Journal of Systems and Information Technology, vol. 5 no. 1
Type: Research Article
ISSN: 1328-7265

Keywords

1 – 10 of over 23000