Risk perception of internet-related activities

When people choose to engage in an online activity, such as doing their banking online, or making a purchase through an online merchant, they are making a trust decision about the supplier and source of the website in question. It appears that a large majority of users commonly place their trust in most, if not all, websites they encounter, and this causes significant security problems. Any solutions proposed to reduce the threat of online attacks must include a consideration of the psychological processes of the end users. This paper presents a study with the aim of understanding users' perceptions of the risks involved in engaging in online interactions. Our main findings suggest that users report higher risks associated with activities that are related to finances, such as online banking and online purchases, but attribute lower risk to online activities that are less financially-related, such as using a search engine or engaging in social networking, which are highly valued targets for attackers.

[1]  M. Douglas,et al.  Risk and Culture: An Essay on the Selection of Technological and Environmental Dangers , 1983 .

[2]  P. Slovic Perception of risk. , 1987, Science.

[3]  C. Starr Social benefit versus technological risk. , 1969, Science.

[4]  J. Short The Social Fabric at Risk: Toward the Social Transformation of Risk Analysis , 1984 .

[5]  Engin Kirda,et al.  Insights into User Behavior in Dealing with Internet Attacks , 2012, NDSS.

[6]  Min Wu,et al.  Do security toolbars actually prevent phishing attacks? , 2006, CHI.

[7]  Lynn Silipigni Connaway,et al.  What is enough? Satisficing information needs , 2007, J. Documentation.

[8]  Ronald C. Dodge,et al.  Phishing for user security awareness , 2007, Comput. Secur..

[9]  George R. Milne How Well Do Consumers Protect Themselves from Identity Theft , 2003 .

[10]  Tom L. Roberts,et al.  First Impressions with Websites: The Effect of the Familiarity and Credibility of Corporate Logos on Perceived Consumer Swift Trust of Websites , 2007, HCI.

[11]  Ray Hunt,et al.  A taxonomy of network and computer attacks , 2005, Comput. Secur..

[12]  Marti A. Hearst,et al.  Why phishing works , 2006, CHI.

[13]  Burton Al The environment as hazard , 1978 .

[14]  J. Doug Tygar,et al.  The battle against phishing: Dynamic Security Skins , 2005, SOUPS '05.

[15]  Won Kim,et al.  The dark side of the Internet: Attacks, costs and responses , 2011, Inf. Syst..

[16]  K. Millar,et al.  The Effects of Cognitive Capacity and Suspicion on Truth Bias , 1997 .

[17]  B. Fischhoff,et al.  How safe is safe enough? A psychometric study of attitudes towards technological risks and benefits , 1978 .

[18]  Susan Wiedenbeck,et al.  On-line trust: concepts, evolving themes, a model , 2003, Int. J. Hum. Comput. Stud..