ABSTRACT: The article presents the results of a field study which investigated the type of internet fraud known as phishing, focusing on factors which cause people to be more or less susceptible to being deceived in this way. The study participants received a phishing e-mail (electronic mail) message asking for information which they were not supposed to divulge. Four behavioral factors were identified as correlating with a tendency to be duped by the phishing message. Suggestions are provided for antiphishing measures based on this data, centering on computer user education.
Key words and phrases: computer-mediated deception, electronic mail fraud, Internet security, interpersonal deception theory, phishing