Tuesday, February 18, 2014
Tzipora Halevi, NYU Polytechnic School of Engineering, and James Lewis, and Nasir Memon, both of the New York University Polytechnic Institute, have published A Pilot Study of Cyber Security and Privacy Related Behavior and Personality Traits as part of the WWW '13 Companion Proceedings of the 22nd International Conference on World Wide Web Companion, 2013. Here is the abstract.
Recent research has begun to focus on the factors that cause people to respond to phishing attacks as well as affect user behavior on social networks. This study examines the correlation between the Big Five personality traits and email phishing response. Another aspect examined is how these factors relate to users’ tendency to share information and protect their privacy on Facebook (which is one of the most popular social networking sites). This research shows that when using a prize phishing email, neuroticism is the factor most correlated to responding to this email, in addition to a gender-based difference in the response. This study also found that people who score high on the openness factor tend to both post more information on Facebook as well as have less strict privacy settings, which may cause them to be susceptible to privacy attacks. In addition, this work detected no correlation between the participants estimate of being vulnerable to phishing attacks and actually being phished, which suggests susceptibility to phishing is not due to lack of awareness of the phishing risks and that real-time response to phishing is hard to predict in advance by online users. The goal of this study is to better understand the traits that contribute to online vulnerability, for the purpose of developing customized user interfaces and secure awareness education, designed to increase users’ privacy and security in the future.
Download the paper from SSRN at the link.