Gone Smishing: Testing Protection Motivation Theory with Simulated Smishing Attacks

• In Event: Phishing & Smishing Scams

Abstract

Educating internet users regarding cyber hygiene has the potential to mitigate susceptibility to various forms of cybercrime. With constantly evolving attack vectors, it is imperative for internet users to be equipped with the strategies necessary to safeguard against online attacks. This provision of cybersecurity education functions as a fear appeal, where individuals are presented with a potential threat (i.e., identity theft) and a suggested behavior to avoid falling victim (i.e., not clicking on links from unknown sources). The current study employed an experimental vignette framework to present respondents with a fear appeal, warning against engaging with links that are sent from unknown sources. Using structural equation modeling, we conduct a test of Protection Motivation Theory using simulated smishing attacks as the outcome. Furthermore, the utilization of a vignette design allows for an exploration of the how variations in the presentation of fear appeals influence susceptibility to simulated attacks. The findings and how they inform the literature on cybercrime prevention are discussed.

Authors

• Taylor Fisher, University of South Florida

• George Burruss, University of South Florida

• Christian Jordan Howell, University of South Florida