Thesis

Individual's motivation in responding to phishing emails : a Saudi Arabian Case Study

可下载的内容

下载PDF文件
Creator
Rights statement
Awarding institution
  • University of Strathclyde
Date of award
  • 2022
Thesis identifier
  • T16420
Person Identifier (Local)
  • 201862412
Qualification Level
Qualification Name
Department, School or Faculty
Abstract
  • The use of email has been exploited by cybercriminals, as a means of carrying out their cybersecurity attacks. ‘Phishing’ – a form of social engineering attack – is a well-known example of just such a cybersecurity attack; cybercriminals persuade a victim to respond to their emails by presenting themselves as an official person or entity. As this type of persuasion comes in different forms, using different strategies aiming to get a positive response from an intended victim, the current study focuses on different Social Engineering Persuading Strategies (SEPS), which are: Authority; Social Proof; and Scarcity. This study concentrates on decreasing the risk of responding to phishing emails, through the study of the Theory of Planned Behaviour (TPB). The key factors in TPB are Attitude, Subjective Norms, and Perceived Behavioural Control; these influence an individual’s behavioural intention in responding to phishing emails, across different SEPS. The current study aims to evaluate TPB, as a tool for explaining user behavioural intentions when responding to phishing emails. A quantitative online survey was used for collecting data from undergraduate students at King Faisal University (KFU) in Saudi Arabia. Data analysis was performed by applying multiple linear regression analysis (MLRA), and confirmatory factor analysis (CFA). The principal finding was that TPB explains 53.8% of the variance in behavioural intention to respond to phishing emails under the Authority strategy, 51.8% under the Social Proof strategy, and 49.8% under the Scarcity strategy. Additionally, the study found that only two TPB factors (Attitude and Subjective Norms) have a statistically significant impact on individuals’ behavioural intention under SEPS; Perceived Behavioural Control only has a significant impact on individuals’ behavioural intentions under the Authority strategy – it did not have a significant impact under Social proof or Scarcity. The attitude was found to be the strongest predictor of an individual’s behavioural intention under the Authority and Social Proof, while the Subjective Norm factor was found to be the strongest predictor under the Scarcity strategies. Additionally, the TPB model was found to have a good model fit when applied to the intention to respond to phishing emails. This means the TPB model might work well when applied to explain an individual’s behavioural intention of Saudi Arabian undergraduate students when responding to phishing emails under SEPS.
Advisor / supervisor
  • Weir, George R. S.
  • Terzis, Sotirios, 1973-
Resource Type
DOI

关系

项目

缩略图 标题 上传日期 公开度 行动
file details PDF of thesis T16420 2022-11-22 公开 下载