Mobile device users' susceptibility to phishing attacks

TL;DR

This study investigates how mobile device users' perceptions of threat influence their motivation and behavior to avoid phishing attacks, highlighting the importance of perceived severity and susceptibility.

Contribution

It applies the Technology Threat Avoidance Theory to identify factors influencing users' threat avoidance behaviors specifically against mobile phishing attacks.

Findings

Perceived susceptibility and severity significantly influence threat perception.

Motivation to avoid threats correlates with actual avoidance behavior.

Perception of threat severity reduces susceptibility to phishing.

Abstract

The mobile device is one of the fasted growing technologies that is widely used in a diversifying sector. Mobile devices are used for everyday life, such as personal information exchange - chatting, email, shopping, and mobile banking, contributing to information security threats. Users' behavior can influence information security threats. More research is needed to understand users' threat avoidance behavior and motivation. Using Technology threat avoidance theory (TTAT), this study assessed factors that influenced mobile device users' threat avoidance motivations and behaviors as it relates to phishing attacks. From the data collected from 137 mobile device users using a questionnaire, the findings indicate that (1) mobile device users' perceived susceptibility and severity of phishing attacks have a significant correlation with a users' perception of the threat; (2) mobile device users' motivation to avoid a threat is correlated to a users' behavior in avoiding threat; and (3) a mobile device user's susceptibility to phishing attacks can be reduced by their perception of the threat. These findings reveal that a user's perception of threat increases if they perceive that the consequence of such threat to their mobile devices will be severe, thereby increasing a user's motivation and behavior to avoid phishing attack threats. This study is beneficial to mobile device users in personal and organizational settings.