Roles of Feedback and Phishing Characteristics in Antiphishing Training Performance: Perspectives of Goal Setting and Skill Acquisition

Authors: Pan, Shihe; Kwak, Dong-Heon; Kuem, Jungwon; Kim, Sung S.

Journal: Journal of the Association for Information Systems (2024)

DOI: 10.17705/1jais.00854

<jats:p>Because phishing attacks often exploit individuals’ inexperience in detecting them, it is important for managers to provide workers with proper feedback on their reactions to phishing scams. However, little is known about what types of feedback are more effective in facilitating antiphishing training behavior and performance. The objectives of this study are to identify (1) the determinants of decision avoidance and detection accuracy, (2) the contextual effect of type of feedback in antiphishing training, (3) the impacts of perceived detection efficacy on training outcomes, and (4) the interaction effects between feedback characteristics and perceived detection efficacy/phishing characteristics on training outcomes. Drawing upon goal-setting theory, skill acquisition theory, and antiphishing training literature, our model provides a theoretical account of how feedback characteristics (e.g., type, quantity), phishing characteristics (e.g., phishing cue saliency), and perceived detection efficacy affect antiphishing training outcomes (e.g., decision avoidance and detection accuracy). To empirically test the model, we performed four experiments with 652 subjects in the Unite…

View in Otero