Abstract
An online diary study was conducted to investigate the experience of online security threats among Saudi young adults. Over a period of 30 days, 16 participants were asked to record up to three threats they received from online sources on any of their devices. 58 threats were received, and 98 cues were reported in detecting the threats. The Phish Scale proved useful to categorise the detection cues, but needed expansion, largely due to the proliferation of threat types, which can come through many online channels including SMS, WhatsApp and online voice channels. The majority of threats were phishing, with general email phishing and target email phishing (spear phishing) being the most common types. The cues most commonly used to detect threats were those related to language and content of the threat, technical indicators such as the lack of a sender name or email or a suspicious or hidden link to follow, and tactics such as posing as a business or making an offer “too good to be true”.
Original language | English |
---|---|
Title of host publication | IFIP International Symposium on Human Aspects of Information Security & Assurance (HAISA 2024) |
Publication status | Accepted/In press - 30 May 2024 |
Event | International Symposium on Human Aspects of Information Security & Assurance - Skövde, Sweden Duration: 9 Jul 2024 → 11 Jul 2024 Conference number: 18th https://haisa.org/ |
Conference
Conference | International Symposium on Human Aspects of Information Security & Assurance |
---|---|
Abbreviated title | HAISA 2024 |
Country/Territory | Sweden |
City | Skövde |
Period | 9/07/24 → 11/07/24 |
Internet address |
Bibliographical note
This is an author-produced version of the published paper. Uploaded in accordance with the University’s Research Publications and Open Access policy.Keywords
- Online Security Threats
- Online Security Threat Types
- Cues to Detect Online Security Threats
- Young Adults
- Kingdom of Saudi Arabia
- Phishing