Abstract

Phishing attacks have threatened the security of both home users and organisations in recent years. Phishing uses social engineering to fraudulently obtain information that is confidential or sensitive. Individuals are targeted to take action by clicking on a link and providing information. This research explores fear arousal and self-confidence in subjects confronted by phishing attacks. The study collected data from multiple sources (including an attempted phishing attack). The survey results indicated that when individuals had a high level of fear arousal related to providing login credentials they had a decreased intention to respond to a phishing attack. Self-confidence did not significantly moderate the relationship between fear arousal and intention to respond to a phishing attack but it did have a significant direct positive influence on intention. The results from the experiment indicated that 18% of individuals overall clicked on the link. The combined data indicated that higher level of fear arousal resulted in a decreased intention to respond to a phishing attack and a decreased actual click behaviour. The research explores how fear of providing login credentials influences both intention to respond and actual response to a phishing attack. When fear arousal is high, individuals are less likely to respond.