A Study Of The Effect Of Email Cues On Susceptibility To Spear Phishing

With the rapid development of Internet technology and various social networking platforms,personal information has become more easily collected and analyzed by attackers,which in turn has led to the popularity of spear phishing attacks.Spear phishing employs a large number of social engineering techniques with a high degree of personalization and therefore a high success rate.This has become an important issue affecting network information security.People are the most vulnerable link in information security defense and the last line of defense against phishing attacks.Spear phishing mainly influences individuals to make wrong judgments and decisions by using highly targeted content in emails.Therefore,it is necessary to analyze the influence of email cues on spear phishing susceptibility,starting from email cues that represent the content of spear phishing messages.In this thesis,spear phishing susceptibility is studied and hypotheses are formulated based on a fine-grained processing likelihood model.Sample data were collected through an online research platform,and the research hypotheses were empirically tested using partial least squares.Based on this,the group effects of different email cues on spear phishing susceptibility were analyzed in conjunction with qualitative comparative analysis methods to explore the core causal chain affecting different levels of spear phishing susceptibility.To further investigate the relationship between the difference in cognitive effort invested by individuals on different cues and susceptibility in the face of such highly targeted online information attacks,this study used spear phishing as a research context,proposed a research hypothesis based on a heuristic-systematic model,and designed a cognitive neural experiment using functional near-infrared spectral imaging to investigate the effect of email cues on susceptibility to spear phishing susceptibility to spear phishing and its cognitive neural mechanisms.It was found that cues such as credible source,genre consistency,and argument quality of emails,as well as individual involvement and fraud knowledge,had an impact on spear phishing susceptibility,and two types of combination paths affecting high spear phishing susceptibility were derived in a qualitative comparative analysis: email cue-dominant and low fine-processing-dominant.And the combination paths affecting low spear phishing susceptibility are not completely symmetric with high susceptibility.The results of a cognitive neural mechanism study on the effect of mail cues on spear phishing susceptibility showed that individuals put more cognitive effort into systemic cues than heuristic cues,as evidenced by more judgment time and more significant changes in blood oxygen concentration when faced with mail cues.This thesis refines and expands the related research on spear phishing susceptibility,and enriches the application of dual processing theory and cognitive neuroscience to spear phishing.The findings provide theoretical and practical guidance for individuals or organizations to better protect themselves against spear phishing attacks.