Catch The Phish: A Study On Decision-making and Reporting Behavior For Phishing Attacks

Master thesis (2023)

Authors

R. Bahl Technology, Policy and Management

Contributors

S.E. Parkin Organisation & Governance - TPM (supervisor 1)
J. Lieu Organisation & Governance - TPM (supervisor 1)
M.J.G. van Eeten Organisation & Governance - TPM (coach)
Faculty
Technology, Policy and Management
Copyright: © 2023 Robin Bahl
More Info
expand_more

Published Date

17-08-2023

Language

English

Reuse Rights

Other than for strictly personal use, it is not permitted to download, forward or distribute the text or part of it, without the consent of the author(s) and/or copyright holder(s), unless the work is under an open content license such as Creative Commons.

Faculty

Technology, Policy and Management

Abstract

Addressing the growing problem of phishing attacks requires nurturing a reporting culture within organizations. This research examines the factors influencing reporting behavior and the role of infrastructure & support in enhancing reporting rates. By adopting a mixed methods approach and analyzing phishing simulation logs and user perspectives, the study utilizes the COMB model to identify key factors that affect reporting behavior. The research emphasizes the importance of reassessing the desired level of reporting to ensure the benefits of reporting do not overshadow the associated costs. To foster a reporting culture, organizations should ensure a user-friendly reporting process and offer regular reminders and training programs. Emphasizing communication, transparency, and trust-building are vital in encouraging reporting and providing timely feedback. Leveraging technology to optimize the reporting process and appreciating users' efforts further enhance reporting rates. Overall, embracing a paradigm shift that recognizes users as part of the solution is crucial in nurturing a reporting culture and ensuring a secure digital environment.