Email and Website-Based Phishing Attack: Examining Online Users Security Behavior in Cyberspace Environment

Despite Emails and websites being widely used for communication, collaboration, and day-to-day activity, not all online users have the same knowledge and skills when determining the credibility of visited websites and email content. As a result, phishing, an identity theft cyber-attack that targets humans rather than computers, was born to harvest internet users’ confidential information by taking advantage of human behavior and hurting an organization’s continuity, reputation, and credibility. Because the success of phishing attacks depends on human behavior, using the Health-Belief Model, the study’s objective is to examine significant factors that influence online users’ security behavior in the context of Email and website-based phishing attacks. The model included eight predictor variables and was validated using quantitative data from 138 academic staff. The study findings exhibit that 4 out of 8 predictor variables, namely Perceived-Barriers, Perceived-Susceptibility, Self-efficacy, and Security-Awareness, are statistically significant in determining users’ security behavior. The study’s outcome is to assist in the appropriate design of both online and offline content for cyber security awareness programs, focusing on Email and website-based phishing attacks.