Article

Cognitive elements of learning and discriminability in anti-phishing training

Journal

COMPUTERS & SECURITY
Volume 127

Publisher

ELSEVIER ADVANCED TECHNOLOGY
DOI: 10.1016/j.cose.2023.103105

Keywords

Phishing; Security awareness; Anti-phishing training; Cyber security; Decisions from experience


This study conducted laboratory experiments to investigate how to effectively shape end-users' experiences in order to improve their detection of phishing emails. The results showed that the type of feedback provided during training and the frequency of phishing emails had an impact on participants' subsequent judgments. Therefore, when designing anti-phishing training, it is important to consider the influence of these factors on human learning and decision making.
People adjust decisions based on their experiences, and it is important to know how to shape these experiences effectively to improve their future decisions. We conducted laboratory experiments to study an effective way to shape end-users' experiences to improve their detection of phishing emails. Despite technical and training-based solutions to phishing detection, malicious emails continue to reach people broadly. The end-user's susceptibility towards phishing emails could be due to lack of experience in phishing, lack of motivation or inappropriate knowledge of phishing cues. In this paper, we study the effects of two experimental variables during a training phase: the frequency of phishing emails (low frequency, 25%; medium frequency, 50%; and high frequency, 75%), and the type of feedback provided on the decisions made (outcome or detail feedback). The individual's base susceptibility to phishing emails was measured in a pre-training phase in which 20% of the emails were phishing and compared to a similar post-training phase. The results show that the type of feedback provided during training affected participants' sensitivity to detecting subsequent phishing emails. In addition, the frequency of phishing emails during training impacted their likelihood of classifying subsequent emails as phishing or legitimate. The results of these experiments show that anti-phishing training must be carefully designed taking into consideration the impact that these design choices have on human learning and decision making. (c) 2023 Elsevier Ltd. All rights reserved.
