Sharing passwords with strangers – A laboratory study
Anna Lena Fehlhaber
Abstract
Purpose This study aims to investigate the conditions under which people are inclined to engage with social engineering propositions. Using the contributions of Prospect Theory, the role of individual utility evaluations and risk perception were examined. Design/methodology/approach A laboratory experiment was conducted with a sample of 82 people from Germany. Participants were asked to work on tasks when they were approached by a third-party social engineer who offered to help them complete the task in exchange for their social media password. The experiment was conducted in a laboratory setting to control for extraneous factors. Findings The results showed that participants were more likely to share their password when the perceived profitability of doing so was high, when they expected that the trust would be rewarded, and when they perceived the stranger to be trustworthy. The findings suggest that this framework could be used to develop more effective strategies to prevent social engineering attacks. Originality/value This study uniquely contributes to the literature by applying a Prospect Theory framework to explore the decision-making processes of individuals in the context of social engineering, offering novel insights into the psychosociological mechanisms that influence individuals’ susceptibility to phishing tactics.
Evidence weight
Balanced mode · F 0.40 / M 0.15 / V 0.05 / R 0.40
| F · citation impact | 0.50 × 0.4 = 0.20 |
| M · momentum | 0.50 × 0.15 = 0.07 |
| V · venue signal | 0.50 × 0.05 = 0.03 |
| R · text relevance † | 0.50 × 0.4 = 0.20 |
† Text relevance is estimated at 0.50 on the detail page — for your query’s actual relevance score, open this paper from a search result.