A study by Missouri University of Science and Technology (Missouri S&T) and Carnegie Mellon University scientists suggests that people may be overconfident in their ability to identify email phishing scams.
Study subjects viewed a series of legitimate and phishing emails, and answered questions to rate their differentiation skills; the investigators then had them rate their own confidence in making those calls.
Participants who were 90% to 99% confident they had correctly identified an email in fact only identified phishing emails correctly about 56% of the time.
Missouri S&T's Casey Canfield said the computers of subjects with better metacognition usually were better protected, which implies that sending more phishing emails could potentially improve their ability to distinguish scams from authentic emails.
Canfield thinks employers could improve workers' savvy in identifying phishing by regularly sending them bogus emails and providing feedback.
From Missouri S&T News
View Full Article
Abstracts Copyright © 2019 SmithBucklin, Washington, DC, USA
No entries found