Is the key to phishing training persistence?: Developing a novel persistent intervention

J Exp Psychol Appl. 2022 Mar;28(1):85-99. doi: 10.1037/xap0000410. Epub 2022 Feb 14.

Abstract

Most previous phishing interventions have employed discrete training approaches, such as brief instructions aimed at improving phishing detection. However, these discrete interventions have demonstrated limited success. The present studies focused on developing an alternative to discrete training by providing college-age adults with a persistent classification aid that guided them on what characteristics a phishing email might include. Experiment 1 determined if this classification aid improved email categorization performance relative to feedback and control. Experiment 2 continued the evaluation of the classification aid to determine whether performance improvements were due to increased systematic processing of emails. Experiment 3 explored whether the classification aid would be more effective when embedded directly into the email interface. The results suggested three major findings. (a) Persistent interventions can improve phishing email detection. (b) Performance improvements were largest when the classification aid was embedded into the task. (c) These benefits were likely driven by an improved systematic processing of the emails. This novel phishing classification aid serves as a promising persistent intervention that can be adaptable to specific email environments and individuals. (PsycInfo Database Record (c) 2022 APA, all rights reserved).

MeSH terms

  • Adult
  • Electronic Mail*
  • Humans