Understanding Phishing Victimization Through Qualitative Focus Groups

MAster assignment

Type: Master CS or Master BIT

Period: Start date: as soon as possible

Student: Unassigned

If you are interested please contact:

Objective:
Phishing attacks remain a persistent and evolving threat, causing significant financial and personal harm to individuals. Despite increasing awareness of cybercrime, many users continue to fall victim to these scams. This research aims to delve into the underlying reasons for phishing victimization by exploring the experiences and perspectives of those who have been directly affected. Through qualitative focus groups, we seek to identify commonly observed behaviors, psychological vulnerabilities, and knowledge gaps that contribute to susceptibility to phishing attacks. The ultimate goal is to inform the development of more effective prevention strategies and educational interventions.

Research questions:
This study will address the following key research questions:

What are the commonly observed behaviors and decision-making processes that lead individuals to become victims of phishing attacks?
What psychological tricks and persuasive techniques are commonly employed in successful phishing scams?
What specific knowledge or awareness, if provided to individuals prior to potential attacks, could enhance their ability to recognize and avoid phishing attempts, even if they are generally aware of cybercrime?

Research methodology:
This study will employ a qualitative research design, utilizing focus groups as the primary data collection method. Focus groups are well-suited for exploring complex social phenomena and uncovering nuanced perspectives. The target population for this study is individuals who have self-identified as victims of phishing attacks. Participants will be recruited through online forums, community organizations, and snowball sampling. We aim to recruit 3-4 focus groups, with 6-8 participants in each group, to ensure a diversity of experiences and perspectives. Inclusion criteria will include confirmed experience as a phishing victim and willingness to share their experiences openly. Semi-structured focus group interviews will be conducted by experienced moderators. The interview guide will cover topics such as the circumstances surrounding the phishing attack, the victim's decision-making process, their emotional responses, and their understanding of cybersecurity threats. The interviews will be audio-recorded and transcribed. The transcribed data will be analyzed using content analysis. This involves systematically coding the data to identify recurring themes, patterns, and key insights related to the research questions. The coding scheme will be developed iteratively, based on a close reading of the transcripts and informed by relevant literature on phishing and cybersecurity. Inter-coder reliability will be assessed to ensure the consistency and validity of the coding process.

Expected Outcomes and Significance:
This research is expected to yield valuable insights into the cognitive and behavioral factors that contribute to phishing victimization. By identifying commonly observed behaviors, psychological vulnerabilities, and knowledge gaps, we can inform the development of more targeted and effective phishing prevention strategies. The ultimate goal is to empower individuals with the knowledge and skills they need to protect themselves from phishing attacks and reduce the incidence of victimization.

Ethical Considerations:
This study will be conducted in accordance with ethical principles of research involving human subjects. Anonymity and confidentiality will be maintained throughout the research process. The study protocol will be reviewed and approved by the Ethics Committee Computer & Information Science (EC-CIS).