Who Gets Caught in the Web of Lies?: Understanding Susceptibility to Phishing Emails, Fake News Headlines, and Scam Text Messages.

Objective: The present study investigated if the same users are vulnerable to phishing emails, scam text messages, and fake news headlines and if there are universal predictors of susceptibility for all three tasks.

Background: Theoretical research provides support for the notion that the same users likely fall for multiple forms of online deception. However, no research has directly compared susceptibility for various online deceptions (eg phishing, disinformation, scam text messages) within the same group of users.

Method: Participants completed an online survey consisting of demographic questions, the Cognitive Reflection Test (ie impulsivity), and the Digital Literacy Scale, and classified 90 legitimate and deceptive emails, text messages, and news headlines.

Results: Results suggest that individuals who struggle to discriminate between deceptive and legitimate stimuli on one task experience similar difficulties on the other two tasks. Additionally, while lower levels of digital literacy and cognitive reflectiveness predicted poorer discrimination abilities across all three tasks, age did not predict performance. Interestingly, participants appeared to be the most susceptible to phishing emails.

Conclusion: Overall, individuals who fall for one form of online deception appear to be more likely to fall for other forms of deception, and digital literacy and cognitive reflectiveness can predict widespread vulnerability to online deception.

Application: Organizations may be able to identify potential vulnerabilities for a variety of online attacks by measuring digital literacy, cognitive reflectiveness, and performance in one online deception task. Additionally, training interventions may be the most needed for phishing emails.