Weakest link: Assessing factors that influence susceptibility to falling victim to phishing attacks and methods to mitigate

The research conducted for this project sought to understand the factors that impact the likelihood an individual will be victimized by a phishing attack. The research also sought to identify effective training approaches and technology available to supplement human defenses. Understanding these factors, training methods, and technology will allow organizations to strengthen their information security program. The research conducted confirmed that certain personality types and habits, such as gullibility, narcissism, psychopathy, and habitual email use, influence the likelihood an individual will fall victim to a phishing attack. Rule-based and mindfulness training, as well as communication tones, were examined and proved equally effective in supporting the detection of phishing emails. Technology also proved to be complementary to human defenses. Additional research is needed to determine how to leverage the personality trait learnings in a business setting.