DIGITAL LIFE
This habit increases your chances of falling for an online scam, study shows
A common habit can increase your risk of phishing, according to a new study by researchers at Binghamton University and the State University of New York. Phishing is a type of cyberattack that uses fraudulent emails, text messages, phone calls, or websites to carry out scams.
According to those responsible for the study, published in the European Journal of Information Systems, approximately 3.4 billion scam emails are sent each day. Multitasking increases your chances of becoming a target, the scientists concluded.
“When working with multiple screens, your attention is never fully focused on one of them, especially when dealing with urgent tasks. If you want to respond quickly to an email, it's easy to ignore the warning signs of a phishing message,” said Professor Jinglu Jiang, co-author of the study, in a statement. The study suggests that multitasking online significantly impairs phishing detection because, when overloaded with information, people lose their ability to spot suspicious signs.
To reach this conclusion, experiments were conducted with 977 participants who simulated common scenarios in which they had to complete everyday tasks. At certain points during the activity, the volunteers were asked to analyze potential phishing messages.
However, the study also points to a surprisingly simple solution: timely reminders that help redirect attention. While attention to phishing detection plummeted when working memory load was high, when brief reminders were introduced, participants' performance improved even in multitasking scenarios.
"We designed a very simple notification system to alert people to risk factors, so that phishing messages don't get lost in the rush and people can detect them more efficiently," says the professor.
For example, while switching between spreadsheets and messaging apps, the email interface would display a colored banner at the top of a suspicious message. Occasionally, the system would also issue notifications warning: "This message may be fraudulent, please take a second look."
"The techniques used by these scammers are becoming more sophisticated every day; they create fake accounts and, in many cases, mask the sender's identity. Our study shows that phishing detection can plummet during multitasking, and that threat- and loss-based messages are the hardest to identify. But these little reminders, these nudges, can be truly helpful," concludes the study's author.
For employers, IT managers, and security professionals, the study's leaders offer recommendations:
Incorporate reminders into everyday tools, from banners in Outlook to integrations in Slack or Teams.
Personalize based on content: Offer more reminders for scams based on attractive rewards.
Train for reality: Most phishing training assumes focused users, but in the real world, employees are always multitasking—and training should reflect that.
No comments:
Post a Comment