Getting phished on social media

The study experimentally simulated a level-1 social networking-based phishing (SNP) attack, where a phisher using a phony profile attempts to friend an individual on Facebook, and a level-2 SNP attack, where a phisher attempts to extract information directly. The results implicate the use of cognitive shortcuts triggered by the cues afforded in Facebook's interface. Individuals appeared to be using the phisher's friend count as a heuristic for judging the authenticity of a level-1 request. They, thus, responded to a phisher displaying a large friend count even in the absence of a profile picture. Interestingly, the affordance of smartphones used to access social mediaan issue that has received little academic attentionincreased the odds of considering such requests sevenfold. Research examines how people get phished on social media.Results point to heuristic use potentiating victimization.Device use increases likelihood of social media phishing victimization.

[1]  Rui Chen,et al.  Why do people get phished? Testing individual differences in phishing vulnerability within an integrated, information processing model , 2011, Decis. Support Syst..

[2]  Arun Vishwanath,et al.  Habitual Facebook Use and its Impact on Getting Deceived on Social Media , 2015, J. Comput. Mediat. Commun..

[3]  H. Simon,et al.  Models Of Man : Social And Rational , 1957 .

[4]  S. Chaiken The heuristic model of persuasion. , 1987 .

[5]  Elizabeth Thiry,et al.  Do you believe in love at first sight: effects of media richness via modalities on viewers' overall impressions of online dating profiles , 2011, iConference.

[6]  Shelly Chaiken,et al.  A heuristic‐systematic processing analysis of the effectiveness of product warning labels , 1998 .

[7]  Ryan T. Wright,et al.  The Influence of Experiential and Dispositional Factors in Phishing: An Empirical Investigation of the Deceived , 2010, J. Manag. Inf. Syst..

[8]  Arun Vishwanath,et al.  Mobile device affordance: Explicating how smartphones influence the outcome of phishing attacks , 2016, Comput. Hum. Behav..

[9]  S. Feld Why Your Friends Have More Friends Than You Do , 1991, American Journal of Sociology.

[10]  Clifford Nass,et al.  The media equation - how people treat computers, television, and new media like real people and places , 1996 .

[11]  U. Dholakia,et al.  Coveted or Overlooked? The Psychology of Bidding for Comparable Listings in Digital Auctions , 2001 .

[12]  Paul E. Johnson,et al.  Detecting deception: adversarial problem solving in a low base-rate world , 2001, Cogn. Sci..

[13]  Gerald R. Miller,et al.  Invited Article Fudging with Friends and Lying to Lovers: Deceptive Communication in Personal Relationships , 1986 .

[14]  Arun Vishwanath,et al.  Suspicion, Cognition, and Automaticity Model of Phishing Susceptibility , 2018, Commun. Res..

[15]  Urs Gasser,et al.  Teens, social media, and privacy , 2013 .

[16]  B. Bank,et al.  Gender and friendship: Why are men's best same‐sex friendships less intimate and supportive? , 2000 .

[17]  S. Shyam Sundar,et al.  News cues: Information scent and cognitive heuristics , 2007, J. Assoc. Inf. Sci. Technol..

[18]  Richard R. Lau,et al.  Political cognition : the 19th Annual Carnegie Symposium on Cognition , 1986 .

[19]  Alice H. Eagly,et al.  Heuristic and systematic information processing within and beyond the persuasion context. , 1989 .

[20]  Robert W. Zmud,et al.  Inducing Sensitivity to Deception in Order to Improve Decision Making Performance: A Field Study , 2002, MIS Q..

[21]  Cliff Lampe,et al.  The Benefits of Facebook "Friends: " Social Capital and College Students' Use of Online Social Network Sites , 2007, J. Comput. Mediat. Commun..

[22]  S. Grazioli Where Did They Go Wrong? An Analysis of the Failure of Knowledgeable Internet Consumers to Detect Deception Over the Internet , 2004 .

[23]  Shyam Sundar,et al.  A Cognitive-Heuristics Approach to Understanding Presence in Virtual Environments , 2008 .

[24]  S. Chaiken Heuristic versus systematic information processing and the use of source versus message cues in persuasion. , 1980 .

[25]  Markus Jakobsson,et al.  What Instills Trust? A Qualitative Study of Phishing , 2007, Financial Cryptography.

[26]  Indranil Bose,et al.  Unveiling the Mask of Phishing: Threats, Preventive Measures, and Responsibilities , 2007, Commun. Assoc. Inf. Syst..

[27]  S. Shyam Sundar,et al.  Heuristic Versus Systematic Processing of Specialist Versus Generalist Sources in Online Media , 2010 .

[28]  Arun Vishwanath,et al.  Diffusion of deception in social media: Social contagion effects and its antecedents , 2014, Information Systems Frontiers.

[29]  Daniel L. Schacter,et al.  When False Recognition Meets Metacognition: The Distinctiveness Heuristic , 2002 .

[30]  Arun Vishwanath,et al.  Comparing Online Information Effects , 2003, Commun. Res..

[31]  B. Latané,et al.  Ten years of research on group size and helping Psychological Bulletin Vol 89 , 1981 .

[32]  Silvia Knobloch-Westerwick,et al.  News cues: Information scent and cognitive heuristics: Research Articles , 2007 .

[33]  M. Workman Wisecrackers: A theory-grounded investigation of phishing and pretext social engineering threats to information security , 2008 .