'Protect and Fight Back': A Case Study on User Motivations to Report Phishing Emails

Onderzoeksoutput: Hoofdstuk in Boek/Rapport/CongresprocedureConferentiebijdrageAcademicpeer review

Samenvatting

Phishing reporting is emerging as a key defense mechanism against phishing attacks. Whereas large enough organizations have specific policies in place for phishing reporting, user uptake is still limited, and a clear picture of what motivates users to report and which types of emails is still to be drawn. Yet, this is critical to devising better policies and procedures and stimulating awareness and a cyber-security culture within organizations. In this work, we sample and interview n=49 employees from the pool of phishing reporters at a medium-sized European technical university.
We sample interviewees based on how sophisticated the emails they report are over contextual and technical dimensions and cluster reporters in terms of their (emerging) reporting behavior. We conduct semi-structured interviews up to thematic saturation and derive 13 main themes driving reporting motivations. We discuss the identified themes in the broader theoretical context, as well as the practical implications of our findings.
Originele taal-2Engels
TitelEuropean Symposium on Usable Security
UitgeverijACM Press
StatusGeaccepteerd/In druk - 6 aug. 2024

Vingerafdruk

Duik in de onderzoeksthema's van ''Protect and Fight Back': A Case Study on User Motivations to Report Phishing Emails'. Samen vormen ze een unieke vingerafdruk.

Citeer dit