A Users' Awareness Study and Influence of Socio-Demography Perception of Anti-Phishing Security Tips

Abstract

Security tips are now used as a method of priming online users from falling prey for fraudulent scams. These security tips usually come as email, SMS or online posts where they can be easily accessed by the users. In this work, phishing attacks are simulated with varying cues that are available in such fraudulent email messages, SMS and web pages were used to investigate the effectiveness of the security tips used by Nigerian banks to prime their customers of online threats. A total of 427 respondents, purposively selected from three tertiary institutions in Ogun State, participated in the study. Each respondent was asked to identify five messages with varying phishing cues to evaluate their understanding of the security tips messages. The results which were computed at 95% Confidence Interval, indicated that 58.91% failed on the first attribute, 58.59% failed on the second attribute while 58.73% failed on the third attribute. 74.24% of the participant could not correctly identify a fake email message (fourth attribute) while 76.71% could not correctly identify a phished bank verification number update message (fifth attribute). Using the Mann Whitney Test, the result further showed that overall, those who failed the test are significantly more than those who passed. Moreover, a regression model is proposed to evaluate the influence of the socio demographic factors used in the study. This result indicated that gender, academic qualification and user's computer knowledge significantly influences their ability to recognize phished messages.