Publication date: Available online 19 September 2017
Source:Decision Support Systems
Author(s): Arun Vishwanath
The study experimentally simulated a level-1 social networking-based phishing (SNP) attack, where a phisher using a phony profile attempts to friend an individual on Facebook, and a level-2 SNP attack, where a phisher attempts to extract information directly. The results implicate the use of cognitive shortcuts triggered by the cues afforded in Facebook's interface. Individuals appeared to be using the phisher's friend count as a heuristic for judging the authenticity of a level-1 request. They, thus, responded to a phisher displaying a large friend count even in the absence of a profile picture. Interestingly, the affordance of smartphones used to access social media—an issue that has received little academic attention—increased the odds of considering such requests sevenfold.
Source:Decision Support Systems
Author(s): Arun Vishwanath