Should we learn from the past or forget what we know about phishing in today's rapidly changing environment?
Keywords
Loading...
Authors
Issue Date
2025-07-01
Language
en
Document type
Journal Title
Journal ISSN
Volume Title
Publisher
Title
ISSN
Volume
Issue
Startpage
Endpage
DOI
Abstract
As generative artificial intelligence is becoming increasingly better at generating realistic spear phishing emails, gaining a better understanding of the impact of this on consumer vulnerability is becoming more important than ever.
This study aims to investigate the impact of GenAI made spear phishing emails on consumer vulnerability compared to human made spear phishing emails, while exploring the moderating role of phishing cue knowledge. A between subjects experiment (N=205) was conducted in which participants were tasked to sort a set of emails to determine their detection accuracy. This set of emails contained spear phishing emails either made by humans or by GenAI, depending on what group participants got in. Next to the spear phishing emails, the set also include genuine emails for both groups. After that participants filled in a survey to measure their phishing cue knowledge, fear of online identity theft and conscientiousness. All participants were Dutch and 18 years old or above.
Results showed that GenAI made spear phishing emails caused an increase in consumer vulnerability, compared to huma made spear phishing emails. Phishing cue knowledge was not found to moderate this relationship.
These findings contribute to the literature about spear phishing and consumer vulnerability by being among the first to empirically test the impact of GenAI. The findings also show the importance for managers to take action and rethink security measures to account for the increasing dangers of GenAI.
Description
Citation
Supervisor
Faculty
Faculteit der Managementwetenschappen