Factors influencing information security awareness of phishing attacks from bank customers’ perspective: A preliminary investigation

Abstract

Phishing is the act of sending e-mails pretending to be from genuine financial organizations and requesting private info such as username and password. Information security awareness of phishing attacks becomes the first line of data protection defence. Human factors are recognized as the main factors in addressing the issue of information security in online banking. Thus, identifying the issues and factors that influence information security awareness of phishing attacks are important. A preliminary investigation involving nine (9) professionals and academics using online banking has been conducted to obtain better understanding of the critical factors that may influence the information security awareness of phishing attacks. In-depth interview method is selected in this study. Thematic coding was conducted to characterise the themes and assess the factors found to be most influential. Results from the in-depth interviews with customers experienced in online banking showed that there are six (6) main themes may influence the degree to which information security may be learned. Security concerns, security attentiveness, user competency, computer knowledge, gender as well as the number of years of PC usage are the themes addressed by the key informants. These factors influence information security awareness of phishing attacks from the perspective of bank customers. In this investigation, we expect that the rate of phishing depends on six (6) principal factors likely to be prey to malicious phishers. This can be considered as the correlation between the background of the bank customers and their understanding in deploying online banking safety.