TY - GEN
T1 - A Diary Study to Understand Young Saudi Adult Users' Experiences of Online Security Threats
AU - Aldaraani, Najla
AU - Petrie, Helen
AU - Shahandashti, Siamak F.
N1 - This is an author-produced version of the published paper. Uploaded in accordance with the University’s Research Publications and Open Access policy.
PY - 2025
Y1 - 2025
N2 - An online diary study was conducted to investigate the experience of online security threats among Saudi young adults. Over a period of 30 days, 16 participants were asked to record up to three threats they received from online sources on any of their devices. 58 threats were received, and 98 cues were reported in detecting the threats. The Phish Scale proved useful to categorise the detection cues, but needed expansion, largely due to the proliferation of threat types, which can come through many online channels including SMS, WhatsApp and online voice channels. The majority of threats were phishing, with general email phishing and target email phishing (spear phishing) being the most common types. The cues most commonly used to detect threats were those related to language and content of the threat, technical indicators such as the lack of a sender name or email or a suspicious or hidden link to follow, and tactics such as posing as a business or making an offer “too good to be true”.
AB - An online diary study was conducted to investigate the experience of online security threats among Saudi young adults. Over a period of 30 days, 16 participants were asked to record up to three threats they received from online sources on any of their devices. 58 threats were received, and 98 cues were reported in detecting the threats. The Phish Scale proved useful to categorise the detection cues, but needed expansion, largely due to the proliferation of threat types, which can come through many online channels including SMS, WhatsApp and online voice channels. The majority of threats were phishing, with general email phishing and target email phishing (spear phishing) being the most common types. The cues most commonly used to detect threats were those related to language and content of the threat, technical indicators such as the lack of a sender name or email or a suspicious or hidden link to follow, and tactics such as posing as a business or making an offer “too good to be true”.
KW - Online Security Threats
KW - Online Security Threat Types
KW - Cues to Detect Online Security Threats
KW - Young Adults
KW - Kingdom of Saudi Arabia
KW - Phishing
UR - http://www.scopus.com/inward/record.url?scp=85211349067&partnerID=8YFLogxK
U2 - 10.1007/978-3-031-72559-3_4
DO - 10.1007/978-3-031-72559-3_4
M3 - Conference contribution
AN - SCOPUS:85211349067
SN - 9783031725586
T3 - IFIP Advances in Information and Communication Technology
SP - 47
EP - 60
BT - IFIP International Symposium on Human Aspects of Information Security & Assurance (HAISA 2024)
A2 - Clarke, Nathan
A2 - Furnell, Steven
PB - Springer Science and Business Media Deutschland GmbH
T2 - 18th IFIP WG 11.12 International Symposium on Human Aspects of Information Security and Assurance, HAISA 2024
Y2 - 9 July 2024 through 11 July 2024
ER -