MARA and public user characteristics in response to phishing emails

  • Zalina Ayob

Student thesis: Doctoral Thesis


“Social Engineering” refers to attacks that deceive, persuade and influence an individual to provide information or perform an action that will benefit the attackers. Fraudulent and deceptive individuals use social engineering traps and tactics through Social Networking Sites (SNSs) and electronic forms of communication to trick users into obeying them, accepting threats, and falling victim to various silent crimes such as phishing, clickjacking, malware installation, sexual abuse, financial abuse, identity theft and physical crime. Although computers can enhance our work activities, e.g., through greater efficiency in document production and ease of communication, the reliance on their benefits has reduced with the introduction of social engineering threats.

Phishing email results in significant losses, estimated at billions of dollars, to organisations and individual users every year. According to the 2019 statistics report from, the average financial cost of a data breach is 3.8 million dollars, with 90% of it coming from phishing attacks on user accounts.

To reduce users’ vulnerability to phishing emails, we first need to understand the users’ detection behaviour. Many research studies focus only on whether participants respond to phishing or not. A widely held view that we endorse is that this continuing challenge of email is not wholly technical in nature and thereby cannot be entirely resolved through technical measures. Instead, we have here a socio-technical problem whose resolution requires attention to both technical issues and end-users’ specific attitudes and behavioural characteristics. Using a sequential exploratory mixed method approach, qualitative grounded theory is used to explore and generate an in-depth understanding of which phishing characteristics influence email users to judge the attacker as credible, and why. Quantitative experiments are used to relate participants’ characteristics with their behaviour.

The study was carefully designed to ensure that valid data could be collected without harm to participants, and with University Ethics Committee approval.

The research output is a new model to explain the impact of users’ characteristics on their detection behaviour. The model was tested through two study groups, namely Public and MARA. In addition, the final model was tested using structural equation modelling (SEM). This showed that the proposed model explains 17% and 39%, respectively, of the variance in Public and MARA participants’ tendency to respond to phishing emails. The results also explained which, and to what extent, phishing characteristics influence users’ judgement of sender credibility.
Date of Award: 2 Sept 2021
Original language: English
Awarding Institution
  • University Of Strathclyde
Supervisor: George Weir (Supervisor) & John N. Wilson (Supervisor)
