Comparative Analysis of User Responses to Phishing: Emails vs Mobile Instant Messaging Apps

Abstract

As phishing gets more sophisticated and multiple tactics are employed across various communication mediums, analysing users’ responses becomes increasingly essential. The extensive literature review indicates that most studies focus on a single medium across different communication platforms, necessitating additional effort. This research paper compares users’ responses to phishing attacks via two major communication platforms: Email and Mobile Instant Messaging (MIM) Apps. Understanding how users recognise and respond to phishing incidents is crucial for improving cybersecurity measures. A structured survey was conducted to investigate multiple dimensions of user interaction with phishing, such as self-reported confidence in phishing identification, frequency of phishing experiences, reliance on specific features for identification, and actions taken in response to suspected phishing attempts. The results reveal several key insights: 1) the study identifies the demographics of users most vulnerable to phishing attacks; 2) it highlights the similarities and differences in what prevents phishing messages from targeting the inbox and app interception; The study also offers recommendations to enhance users’ willingness and capability to withstand phishing attacks, including targeted educational campaigns, more convenient reporting options, and changes in the design of digital communication platforms.