Journal
JOURNAL OF MANAGEMENT INFORMATION SYSTEMS
Volume 40, Issue 2, Pages 503-540Publisher
ROUTLEDGE JOURNALS, TAYLOR & FRANCIS LTD
DOI: 10.1080/07421222.2023.2196779
Keywords
Online phishing; temptation and restraint; social media; phishing susceptibility; situational contingency; Dual-System Theory
Ask authors/readers for more resources
User susceptibility to phishing messages on social media is an increasingly concerning issue in information security. This study presents a temptation and restraint model that explains users' engagement with social media phishing messages and their susceptibility to such attacks based on situational contingency factors. The findings offer insights into the genesis of social media phishing victimization and provide directions for future research in this area.
User susceptibility to phishing messages on social media is a growing information security concern. Contingency factors that can influence this susceptibility and the theoretical mechanisms through which they operate need more scholarly attention. To bridge this gap, we present a temptation and restraint (TR) model (a specific manifestation of the dual-system theory) of social media phishing susceptibility, which explains it as an outcome of a struggle between users' temptation toward engaging with a social media phishing message and their cognitive and behavioral restraint against it. The balance in this struggle is a function of various situational contingencies. First, via a Delphi study, we identify four key situational contingency factors in the context of social media that can influence this balance: (1) poor sleep quality, (2) social media ostracism, (3) source likability, and (4) fear appeals. Next, via five randomized controlled experiments using an ostensible social media paradigm with social media users, we show that the TR model explains (a) why and how users engage with social media phishing messages, and (b) when users are more or less susceptible to it based on key situational contingency factors. Our findings offer a nuanced perspective on social media phishing susceptibility, elucidate the fundamental roles of situational contingencies in the genesis of social media phishing victimization, and delineate important directions for future research in this area
Authors
I am an author on this paper
Click your name to claim this paper and add it to your profile.
Reviews
Recommended
No Data Available