Identifying personality traits associated with phishing susceptibility
Document Type
Article
Publication Date
3-1-2025
Abstract
Phishing is one of the most prominent and long-lasting cyber-attacks, whereby attackers use social engineering methods to deceive targets to reveal private information. This study analyzes individual differences in victims' vulnerability from the perspective of victimology and applied psychology. Although most studies have focused on the technical nature of phishing attacks, very little is known about personality traits as drivers of vulnerability. It involved a large-scale survey in which all participants completed a personality assessment questionnaire, along with a phishing susceptibility questionnaire. The results of the survey could be used to create personalized phishing prevention programs in which personality traits, which could be particularly susceptible to phishing, would be targeted. The developed treatments were evaluated in a randomized controlled trial. The findings identified crucial personality traits that influenced the tendency toward phishing attacks, specifically impulsivity and neuroticism. The designed programs for phishing prevention proved capable of reducing susceptibility, thus informing selective intervention designs for improved cybersecurity. This study underscores the importance of integrating psychological theories and victimology approaches to better understand and mitigate phishing risks, offering valuable insights for both academic and practical applications in cybersecurity.
Keywords
Cybersecurity, Phishing attacks, Personality traits, Phishing susceptibility
Divisions
Computer
Funders
administrators of social media groups and forums,LinkedIn
Publication Title
Security Journal
Volume
38
Issue
1
Publisher
Palgrave Macnillan Ltd
Publisher Location
BRUNEL RD BLDG, HOUNDMILLS, BASINGSTOKE RG21 6XS, HANTS, ENGLAND