{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,24]],"date-time":"2026-03-24T15:56:20Z","timestamp":1774367780159,"version":"3.50.1"},"reference-count":105,"publisher":"Emerald","issue":"5","license":[{"start":{"date-parts":[[2020,8,5]],"date-time":"2020-08-05T00:00:00Z","timestamp":1596585600000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.emerald.com\/insight\/site-policies"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["ICS"],"published-print":{"date-parts":[[2020,8,5]]},"abstract":"<jats:sec><jats:title content-type=\"abstract-subheading\">Purpose<\/jats:title><jats:p>Social engineering is a prominent aspect of online crime. Various interventions have been developed to reduce the success of this type of attacks. This paper aims to investigate if interventions can help to decrease the vulnerability to social engineering attacks. If they help, the authors investigate which forms of interventions and specific elements constitute success.<\/jats:p><\/jats:sec><jats:sec><jats:title content-type=\"abstract-subheading\">Design\/methodology\/approach<\/jats:title><jats:p>The authors selected studies which had an experimental design and rigorously tested at least one intervention that aimed to reduce the vulnerability to social engineering. The studies were primarily identified from querying the Scopus database. The authors identified 19 studies which lead to the identification of 37 effect sizes, based on a total sample of N = 23,146 subjects. The available training, intervention materials and effect sizes were analysed. The authors collected information on the context of the intervention, the characteristics of the intervention and the characteristics of the research methodology. All analyses were performed using random-effects models, and heterogeneity was quantified.<\/jats:p><\/jats:sec><jats:sec><jats:title content-type=\"abstract-subheading\">Findings<\/jats:title><jats:p>The authors find substantial differences in effect size for the different interventions. Some interventions are highly effective; others have no effect at all. Highly intensive interventions are more effective than those that are low on intensity. Furthermore, interventions with a narrow focus are more effective than those with a broad focus.<\/jats:p><\/jats:sec><jats:sec><jats:title content-type=\"abstract-subheading\">Practical implications<\/jats:title><jats:p>The results of this study show differences in effect for different elements of interventions. This allows practitioners to review their awareness campaigns and tailor them to increase their success.<\/jats:p><\/jats:sec><jats:sec><jats:title content-type=\"abstract-subheading\">Originality\/value<\/jats:title><jats:p>The authors believe that this is the first study that compares the impact of social engineering interventions systematically.<\/jats:p><\/jats:sec>","DOI":"10.1108\/ics-07-2019-0078","type":"journal-article","created":{"date-parts":[[2020,8,4]],"date-time":"2020-08-04T07:50:25Z","timestamp":1596527425000},"page":"801-830","source":"Crossref","is-referenced-by-count":29,"title":["How effective are social engineering interventions? A meta-analysis"],"prefix":"10.1108","volume":"28","author":[{"given":"Jan-Willem","family":"Bullee","sequence":"first","affiliation":[]},{"given":"Marianne","family":"Junger","sequence":"additional","affiliation":[]}],"member":"140","reference":[{"issue":"3","key":"key2020110313135310400_ref001","doi-asserted-by":"crossref","first-page":"183","DOI":"10.1016\/j.techsoc.2010.07.001","article-title":"An overview of social engineering malware: TRENDS, tactics, and implications","volume":"32","year":"2010","journal-title":"Technology in Society"},{"issue":"3","key":"key2020110313135310400_ref002","doi-asserted-by":"crossref","first-page":"242","DOI":"10.1007\/s12559-010-9042-7","article-title":"Experimental case studies for investigating e-banking phishing techniques and attack strategies","volume":"2","year":"2010","journal-title":"Cognitive Computation"},{"issue":"2","key":"key2020110313135310400_ref003","doi-asserted-by":"crossref","first-page":"160","DOI":"10.1509\/jmr.09.0215","article-title":"The impact of relative standards on the propensity to disclose","volume":"49","year":"2012","journal-title":"Journal of Marketing Research"},{"issue":"0","key":"key2020110313135310400_ref004","first-page":"1","article-title":"Challenges and performance metrics for security operations center analysts: a systematic review","volume":"0","year":"2019","journal-title":"Journal of Cyber Security Technology"},{"key":"key2020110313135310400_ref005","doi-asserted-by":"crossref","first-page":"331","DOI":"10.1007\/978-3-662-58254-1_37","article-title":"What is the difference between a systematic review and a meta-analysis","volume-title":"Basic Methods Handbook for Clinical Orthopaedic Research: A Practical Guide and Case Based Research Approach","year":"2019"},{"key":"key2020110313135310400_ref006","first-page":"405","article-title":"An anti-phishing approach that uses training intervention for phishing websites detection","volume-title":"ITNG 2009 \u2013 6th International Conference on Information Technology: New Generations","year":"2009"},{"key":"key2020110313135310400_ref007","first-page":"485","article-title":"Design a mobile game for home computer users to prevent from \u2018phishing attacks\u2019","volume-title":"Information society (i-society), 2011 International Conference on","year":"2011"},{"key":"key2020110313135310400_ref008","doi-asserted-by":"crossref","first-page":"185","DOI":"10.1016\/j.chb.2016.02.065","article-title":"Phishing threat avoidance behaviour: an empirical investigation","volume":"60","year":"2016","journal-title":"Computers in Human Behavior"},{"issue":"2","key":"key2020110313135310400_ref009","doi-asserted-by":"crossref","first-page":"193","DOI":"10.1509\/jppm.23.2.193.51400","article-title":"Meta-analyses of the effectiveness of warning labels","volume":"23","year":"2004","journal-title":"Journal of Public Policy and Marketing"},{"key":"key2020110313135310400_ref010","article-title":"Cyber security awareness campaigns: why do they fail to change behaviour?","year":"2015"},{"key":"key2020110313135310400_ref011","article-title":"The scale and nature of fraud: a review of the evidence","year":"2017"},{"issue":"2","key":"key2020110313135310400_ref012","doi-asserted-by":"crossref","first-page":"97","DOI":"10.1002\/jrsm.12","article-title":"A basic introduction to fixed-effect and random-effects models for meta-analysis","volume":"1","year":"2010","journal-title":"Research Synthesis Methods"},{"key":"key2020110313135310400_ref013","volume-title":"Computer Security Handbook","year":"2014","edition":"6th ed"},{"issue":"5","key":"key2020110313135310400_ref014","doi-asserted-by":"crossref","first-page":"1016","DOI":"10.1111\/j.1365-2648.1996.tb00084.x","article-title":"A quasi-experimental research to investigate the retention of basic cardiopulmonary resuscitation skills and knowledge by qualified nurses following a course in professional development","volume":"23","year":"1996","journal-title":"Journal of Advanced Nursing"},{"issue":"5","key":"key2020110313135310400_ref015","doi-asserted-by":"crossref","first-page":"593","DOI":"10.1108\/ICS-03-2017-0009","article-title":"Spear phishing in organisations explained","volume":"25","year":"2017","journal-title":"Information and Computer Security"},{"key":"key2020110313135310400_ref016","first-page":"107","article-title":"Telephone-based social engineering attacks: an experiment testing the success and time decay of an intervention","volume":"14","year":"2016","journal-title":"Cryptology and Information Security Series"},{"issue":"1","key":"key2020110313135310400_ref017","doi-asserted-by":"crossref","first-page":"97","DOI":"10.1007\/s11292-014-9222-7","article-title":"The persuasion and security awareness experiment: reducing the success of social engineering attacks","volume":"11","year":"2015","journal-title":"Journal of Experimental Criminology"},{"issue":"6280","key":"key2020110313135310400_ref018","doi-asserted-by":"crossref","first-page":"1433","DOI":"10.1126\/science.aaf0918","article-title":"Evaluating replicability of laboratory experiments in economics","volume":"351","year":"2016","journal-title":"Science"},{"issue":"4","key":"key2020110313135310400_ref019","doi-asserted-by":"crossref","first-page":"330","DOI":"10.1177\/1088868312440047","article-title":"Sequential priming measures of implicit social cognition: a meta-analysis of associations with behavior and explicit attitudes","volume":"16","year":"2012","journal-title":"Personality and Social Psychology Review"},{"key":"key2020110313135310400_ref020","doi-asserted-by":"publisher","DOI":"10.24251\/HICSS.2019.574","article-title":"Measuring human resilience in the face of the global epidemiology of cyber attacks","volume-title":"Proceedings of the 52nd Hawaii International Conference on System Sciences","year":"2019"},{"key":"key2020110313135310400_ref021","volume-title":"Experimental and Quasi-Experimental Designs for Research","year":"1963"},{"key":"key2020110313135310400_ref022","article-title":"NoPhish app evaluation: Lab and retention study","volume-title":"NDSS workshop on usable security 2015","year":"2015"},{"issue":"1","key":"key2020110313135310400_ref023","doi-asserted-by":"crossref","first-page":"28","DOI":"10.1109\/MSP.2013.106","article-title":"Going spear phishing: exploring embedded training and awareness","volume":"12","year":"2014","journal-title":"IEEE Security and Privacy"},{"issue":"1","key":"key2020110313135310400_ref024","first-page":"71","article-title":"Retention of aeronautical knowledge","volume":"6","year":"2006","journal-title":"International Journal of Applied Aviation Studies"},{"issue":"14","key":"key2020110313135310400_ref025","first-page":"e5","article-title":"Human-centered strategies for cyber-physical systems security","volume":"4","year":"2018","journal-title":"ICST Transactions on Security and Safety"},{"issue":"3","key":"key2020110313135310400_ref026","doi-asserted-by":"crossref","first-page":"18","DOI":"10.1080\/15536548.2005.10855772","article-title":"Perceptions of information security in the workplace: Linking information security climate to compliant behavior","volume":"1","year":"2005","journal-title":"Journal of Information Privacy and Security"},{"key":"key2020110313135310400_ref027","first-page":"105","article-title":"Bayesian network models in cyber security: a systematic review","volume-title":"Secure It Systems","year":"2017"},{"key":"key2020110313135310400_ref028","first-page":"16","article-title":"It\u2019s all about the benjamins: an empirical study on incentivizing users to ignore security advice","volume-title":"International Conference on Financial Cryptography and Data Security","year":"2011"},{"key":"key2020110313135310400_ref029","volume-title":"E-Learning and the Science of Instruction: Proven Guidelines for Consumers and Designers of Multimedia Learning","year":"2016"},{"key":"key2020110313135310400_ref030","article-title":"Statistical power analysis for the behavioral sciences","year":"2013"},{"issue":"6","key":"key2020110313135310400_ref031","doi-asserted-by":"crossref","first-page":"1739","DOI":"10.1016\/j.chb.2010.06.023","article-title":"It won\u2019t happen to me: promoting secure behaviour among internet users","volume":"26","year":"2010","journal-title":"Computers in Human Behavior"},{"issue":"1","key":"key2020110313135310400_ref032","doi-asserted-by":"crossref","first-page":"73","DOI":"10.1016\/j.cose.2006.10.009","article-title":"Phishing for user security awareness","volume":"26","year":"2007","journal-title":"Computers and Security"},{"key":"key2020110313135310400_ref033","article-title":"MINDSPACE: influencing behaviour for public policy","year":"2010"},{"key":"key2020110313135310400_ref034","doi-asserted-by":"crossref","first-page":"79","DOI":"10.1145\/1143120.1143131","article-title":"Decision strategies and susceptibility to phishing","volume-title":"Proceedings of The Second Symposium on Usable Privacy and Security","year":"2006"},{"issue":"3","key":"key2020110313135310400_ref035","first-page":"319","article-title":"The role of auditory features in memory span for words","volume":"6","year":"1980","journal-title":"Journal of Experimental Psychology: Human Learning and Memory"},{"key":"key2020110313135310400_ref036","volume-title":"Memory: A Contribution to Experimental Psychology","year":"1913"},{"key":"key2020110313135310400_ref037","first-page":"52","article-title":"The importance of being earnest [in security warnings]","volume-title":"International Conference on Financial Cryptography and Data Security","year":"2013"},{"key":"key2020110313135310400_ref038","doi-asserted-by":"crossref","first-page":"1065","DOI":"10.1145\/1357054.1357219","article-title":"You\u2019ve been warned: an empirical study of the effectiveness of web browser phishing warnings","volume-title":"Proceedings of the Sigchi Conference on Human Factors in Computing Systems","year":"2008"},{"key":"key2020110313135310400_ref039","first-page":"13","article-title":"The Maryland scientific methods scale","year":"2002","journal-title":"Evidence-Based Crime Prevention"},{"issue":"3","key":"key2020110313135310400_ref040","doi-asserted-by":"crossref","first-page":"380","DOI":"10.1177\/0011128700046003007","article-title":"Lessons from two randomized experiments in criminal justice settings","volume":"46","year":"2000","journal-title":"Crime and Delinquency"},{"issue":"3","key":"key2020110313135310400_ref041","doi-asserted-by":"crossref","first-page":"10","DOI":"10.1016\/S1361-3723(07)70035-0","article-title":"Phishing: Can we spot the signs?","volume":"2007","year":"2007","journal-title":"Computer Fraud and Security"},{"key":"key2020110313135310400_ref042","first-page":"269","article-title":"Human factors in information security culture: a literature review","volume-title":"Advances in Human Factors in Cybersecurity","year":"2018"},{"issue":"1","key":"key2020110313135310400_ref043","first-page":"16","article-title":"A retrieval account of the long-term modality effect","volume":"10","year":"1984","journal-title":"Journal of Experimental Psychology: Learning Memory and Cognition"},{"issue":"2","key":"key2020110313135310400_ref044","doi-asserted-by":"crossref","first-page":"149","DOI":"10.1023\/B:GRUP.0000021839.04093.5d","article-title":"Where did they go wrong? An analysis of the failure of knowledgeable internet consumers to detect deception over the internet","volume":"13","year":"2004","journal-title":"Group Decision and Negotiation"},{"key":"key2020110313135310400_ref045","article-title":"Looking without seeing: understanding unsophisticated consumers\u2019 success and failure to detect internet deception","volume-title":"ICIS 2001 Proceedings","year":"2001"},{"key":"key2020110313135310400_ref046","volume-title":"Social Engineering: The Art of Human Hacking","year":"2010"},{"key":"key2020110313135310400_ref047","doi-asserted-by":"crossref","first-page":"372","DOI":"10.1016\/j.chb.2016.03.026","article-title":"Trick with treat \u2013 reciprocity increases the willingness to communicate personal data","volume":"61","year":"2016","journal-title":"Computers in Human Behavior"},{"key":"key2020110313135310400_ref048","doi-asserted-by":"crossref","first-page":"101","DOI":"10.1016\/j.cose.2018.02.020","article-title":"Detecting semantic social engineering attacks with the weakest link: implementation and empirical evaluation of a human-as-a-security-sensor framework","volume":"76","year":"2018","journal-title":"Computers and Security"},{"issue":"2-3","key":"key2020110313135310400_ref049","doi-asserted-by":"crossref","first-page":"61","DOI":"10.1017\/S0140525X0999152X","article-title":"The weirdest people in the world?","volume":"33","year":"2010","journal-title":"Behavioral and Brain Sciences"},{"key":"key2020110313135310400_ref050","doi-asserted-by":"crossref","first-page":"553","DOI":"10.1002\/9781118303092.ch28","article-title":"Cybercrime victimization","volume-title":"The Wiley Handbook on the Psychology of Violence","year":"2016"},{"issue":"4","key":"key2020110313135310400_ref051","first-page":"16","article-title":"Security and identification indicators for browsers against spoofing and phishing attacks","volume":"8","year":"2008","journal-title":"ACM Transactions on Internet Technology (TOIT)"},{"issue":"3","key":"key2020110313135310400_ref052","doi-asserted-by":"crossref","first-page":"393","DOI":"10.3233\/JCS-130467","article-title":"Forcing Johnny to login safely","volume":"21","year":"2013","journal-title":"Journal of Computer Security"},{"key":"key2020110313135310400_ref053","article-title":"2017 Internet crime report","author":"Internet Crime Complaint Center","year":"2018"},{"issue":"6","key":"key2020110313135310400_ref054","doi-asserted-by":"crossref","first-page":"584","DOI":"10.1080\/0144929X.2011.632650","article-title":"Phishing for phishing awareness","volume":"32","year":"2013","journal-title":"Behaviour and Information Technology"},{"issue":"2","key":"key2020110313135310400_ref055","doi-asserted-by":"crossref","first-page":"597","DOI":"10.1080\/07421222.2017.1334499","article-title":"Training to mitigate phishing attacks using mindfulness techniques","volume":"34","year":"2017","journal-title":"Journal of Management Information Systems"},{"key":"key2020110313135310400_ref056","doi-asserted-by":"crossref","first-page":"75","DOI":"10.1016\/j.chb.2016.09.012","article-title":"Priming and warnings are not effective to prevent social engineering attacks","volume":"66","year":"2017","journal-title":"Computers in Human Behavior"},{"key":"key2020110313135310400_ref057","first-page":"1","article-title":"Considering the influence of human trust in practical social engineering exercises","volume-title":"2014 Information Security for South Africa","year":"2014"},{"key":"key2020110313135310400_ref058","volume-title":"Social Psychology: Unraveling the Mystery","year":"2005"},{"issue":"2","key":"key2020110313135310400_ref059","doi-asserted-by":"crossref","first-page":"24","DOI":"10.1109\/MSP.2011.179","article-title":"Security education against phishing: a modest proposal for a major rethink","volume":"10","year":"2012","journal-title":"IEEE Security and Privacy Magazine"},{"key":"key2020110313135310400_ref060","article-title":"Cyber security breaches survey","volume":"2017","year":"2017","journal-title":"A Survey Detailing Business Action or Cyber Security and the Costs and Impacts of Cyber Breaches and Attacks. United Kingdom: Department for Culture, Media; Sport"},{"issue":"2","key":"key2020110313135310400_ref061","doi-asserted-by":"crossref","first-page":"404","DOI":"10.1037\/0033-2909.91.2.404","article-title":"A nonparametric technique for meta-analysis effect size calculation","volume":"91","year":"1982","journal-title":"Psychological Bulletin"},{"key":"key2020110313135310400_ref062","first-page":"1","article-title":"Don\u2019t work. Can\u2019t work? why it\u2019s time to rethink security warnings","volume-title":"Risk and Security of Internet and Systems (Crisis), 2012 7th International Conference on","year":"2012"},{"key":"key2020110313135310400_ref063","first-page":"1","article-title":"Lessons from a real world evaluation of anti-phishing training","volume-title":"ECrime Researchers Summit, 2008","year":"2008"},{"issue":"2","key":"key2020110313135310400_ref064","doi-asserted-by":"crossref","first-page":"1","DOI":"10.1145\/1754393.1754396","article-title":"Teaching johnny not to fall for phish","volume":"10","year":"2010","journal-title":"ACM Transactions on Internet Technology"},{"key":"key2020110313135310400_ref065","first-page":"905","article-title":"Protecting people from phishing: the design and evaluation of an embedded training email system","volume-title":"Conference on Human Factors in Computing Systems \u2013 Proceedings","year":"2007"},{"key":"key2020110313135310400_ref066","first-page":"70","article-title":"Getting users to pay attention to anti-phishing education: evaluation of retention and transfer","volume-title":"ACM International Conference Proceeding Series","year":"2007"},{"key":"key2020110313135310400_ref067","article-title":"School of phish: a real-world evaluation of anti-phishing training","volume-title":"SOUPS 2009 \u2013 Proceedings of the 5th Symposium on Usable Privacy and Security","year":"2009"},{"key":"key2020110313135310400_ref068","first-page":"509","article-title":"Nophish: evaluation of a web application that teaches people being aware of phishing attacks","volume-title":"Informatik 2016","year":"2016"},{"issue":"1","key":"key2020110313135310400_ref069","doi-asserted-by":"crossref","first-page":"159","DOI":"10.2307\/2529310","article-title":"The measurement of observer agreement for categorical data","volume":"33","year":"1977","journal-title":"Biometrics"},{"key":"key2020110313135310400_ref070","article-title":"How effective is anti-phishing training for children?","volume-title":"Thirteenth Symposium on Usable Privacy and Security (Soups 2017)","year":"2017"},{"issue":"2","key":"key2020110313135310400_ref071","doi-asserted-by":"crossref","first-page":"153","DOI":"10.1257\/jep.21.2.153","article-title":"What do laboratory experiments measuring social preferences reveal about the real world?","volume":"21","year":"2007","journal-title":"Journal of Economic Perspectives"},{"key":"key2020110313135310400_ref072","doi-asserted-by":"crossref","first-page":"2075","DOI":"10.1145\/1978942.1979244","article-title":"Does domain highlighting help people identify phishing sites?","volume-title":"Proceedings of the Sigchi Conference on Human Factors in Computing Systems","year":"2011"},{"key":"key2020110313135310400_ref073","volume-title":"ENISA Threat Landscape","year":"2012"},{"issue":"Supplement 1","key":"key2020110313135310400_ref074","first-page":"3549","article-title":"Training users to counteract phishing","volume":"41","year":"2012","journal-title":"Work"},{"issue":"3","key":"key2020110313135310400_ref075","doi-asserted-by":"crossref","first-page":"357","DOI":"10.1177\/1468794110362874","article-title":"Benefits of \u2018observer effects\u2019: lessons from the field","volume":"10","year":"2010","journal-title":"Qualitative Research"},{"issue":"2","key":"key2020110313135310400_ref076","first-page":"157","article-title":"A fail-safe n for effect size in meta-analysis","volume":"8","year":"1983","journal-title":"Journal of Educational Statistics"},{"key":"key2020110313135310400_ref078","doi-asserted-by":"crossref","first-page":"194","DOI":"10.1016\/j.cose.2015.02.008","article-title":"The design of phishing studies: challenges for researchers","volume":"52","year":"2015","journal-title":"Computers and Security"},{"key":"key2020110313135310400_ref077","doi-asserted-by":"crossref","first-page":"40","DOI":"10.1016\/j.cose.2017.01.004","article-title":"The human aspects of information security questionnaire (hais-q): two further validation studies","volume":"66","year":"2017","journal-title":"Computers and Security"},{"issue":"1","key":"key2020110313135310400_ref079","doi-asserted-by":"crossref","first-page":"5","DOI":"10.1186\/s40163-018-0079-3","article-title":"Victims of cybercrime in europe: a review of victim surveys","volume":"7","year":"2018","journal-title":"Crime Science"},{"key":"key2020110313135310400_ref080","article-title":"Definition social engineering","year":"2006"},{"issue":"4","key":"key2020110313135310400_ref081","doi-asserted-by":"crossref","first-page":"207","DOI":"10.1111\/j.1467-9280.1992.tb00029.x","article-title":"New conceptualizations of practice: Common principles in three paradigms suggest new concepts for training","volume":"3","year":"1992","journal-title":"Psychological Science"},{"key":"key2020110313135310400_ref082","article-title":"Crypto-gram, October 15, 2000","year":"2000"},{"key":"key2020110313135310400_ref083","volume-title":"Secrets and Lies: Digital Security in a Networked World","year":"2000","edition":"1st ed."},{"key":"key2020110313135310400_ref084","volume-title":"Experimental and Quasi-Experimental Designs for Generalized Causal Inference","year":"2002"},{"key":"key2020110313135310400_ref085","first-page":"373","article-title":"Who falls for phish? A demographic analysis of phishing susceptibility and effectiveness of interventions","volume-title":"Conference on Human Factors in Computing Systems\u2013 Proceedings","year":"2010"},{"key":"key2020110313135310400_ref086","doi-asserted-by":"crossref","first-page":"88","DOI":"10.1145\/1280680.1280692","article-title":"Anti-phishing Phil: the design and evaluation of a game that teaches people not to fall for phish","volume-title":"Proceedings of The 3rd Symposium on Usable Privacy and Security","year":"2007"},{"key":"key2020110313135310400_ref087","doi-asserted-by":"crossref","first-page":"14","DOI":"10.1016\/j.cose.2016.09.009","article-title":"Mind your smses: mitigating social engineering in second factor authentication","volume":"65","year":"2017","journal-title":"Computers and Security"},{"key":"key2020110313135310400_ref088","volume-title":"Experiments, Surveys and the Use of Representative Samples as Reference Data (No. 146","year":"2010"},{"key":"key2020110313135310400_ref089","volume-title":"Cognitive Psychology: Mind and Brain","year":"2008"},{"key":"key2020110313135310400_ref090","doi-asserted-by":"crossref","first-page":"135","DOI":"10.1007\/978-3-319-33630-5_10","article-title":"Teaching phishing-security: which way is best?","volume":"471","year":"2016","journal-title":"IFIP Advances in Information and Communication Technology"},{"key":"key2020110313135310400_ref091","first-page":"811","article-title":"Unlocking the privacy paradox: do cognitive heuristics hold the key?","volume-title":"CHI\u201913 Extended Abstracts on Human Factors in Computing Systems","year":"2013"},{"key":"key2020110313135310400_ref092","article-title":"Business email compromise","author":"The Federal Bureau of Investigation","year":"2015"},{"key":"key2020110313135310400_ref093","author":"Verizon Risk Team","year":"2018"},{"issue":"3","key":"key2020110313135310400_ref094","first-page":"1","article-title":"Conducting meta-analyses in r with the metafor package","volume":"36","year":"2010","journal-title":"Journal of Statistical Software"},{"issue":"1","key":"key2020110313135310400_ref095","doi-asserted-by":"crossref","first-page":"50","DOI":"10.1177\/000271620157800104","article-title":"Does research design affect study outcomes in criminal justice?","volume":"578","year":"2001","journal-title":"The ANNALS of the American Academy of Political and Social Science"},{"issue":"2","key":"key2020110313135310400_ref096","doi-asserted-by":"crossref","first-page":"183","DOI":"10.1007\/s11292-010-9117-1","article-title":"Research design influence on study outcomes in crime and justice: a partial replication with public area surveillance","volume":"7","year":"2011","journal-title":"Journal of Experimental Criminology"},{"key":"key2020110313135310400_ref097","first-page":"1","article-title":"Information security technology?\u2026don\u2019T rely on it: a case study in social engineering","volume-title":"Proceedings of the 5th Conference on Usenix Unix Security Symposium \u2013 Volume","year":"1995"},{"key":"key2020110313135310400_ref098","first-page":"868","article-title":"Warnings and hazard communications","year":"2012","journal-title":"Handbook of Human Factors and Ergonomics"},{"issue":"2","key":"key2020110313135310400_ref099","doi-asserted-by":"crossref","first-page":"597","DOI":"10.1080\/07421222.2016.1205934","article-title":"Perverse effects in defense of computer systems: when more is less","volume":"33","year":"2016","journal-title":"Journal of Management Information Systems"},{"key":"key2020110313135310400_ref0100","doi-asserted-by":"crossref","first-page":"601","DOI":"10.1145\/1124772.1124863","article-title":"Do security toolbars actually prevent phishing attacks?","volume-title":"Proceedings of the Sigchi Conference on Human Factors in Computing Systems","year":"2006"},{"issue":"4","key":"key2020110313135310400_ref0101","doi-asserted-by":"crossref","first-page":"793","DOI":"10.1287\/isre.2015.0592","article-title":"Designing warning messages for detecting biased online product recommendations: an empirical investigation","volume":"26","year":"2015","journal-title":"Information Systems Research"},{"key":"key2020110313135310400_ref0102","doi-asserted-by":"crossref","first-page":"121","DOI":"10.1109\/ICALT.2012.174","article-title":"Building an anti-phishing game to enhance network security literacy learning","volume-title":"2012 IEEE 12th International Conference on Advanced Learning Technologies","year":"2012"},{"issue":"10","key":"key2020110313135310400_ref0103","first-page":"1","article-title":"Where is current research on blockchain technology? \u2013 A systematic review","volume":"11","year":"2016","journal-title":"Plos One"},{"key":"key2020110313135310400_ref0104","first-page":"1676","article-title":"Privacy nudges for mobile applications: effects on the creepiness emotion and privacy attitudes","volume-title":"Proceedings of the 19th ACM Conference on Computer-Supported Cooperative Work and Social Computing","year":"2016"},{"key":"key2020110313135310400_ref0105","doi-asserted-by":"crossref","first-page":"111","DOI":"10.1145\/2556288.2557347","article-title":"Effects of security warnings and instant gratification cues on attitudes toward mobile websites","volume-title":"Proceedings of the Sigchi Conference on Human Factors in Computing Systems","year":"2014"}],"container-title":["Information &amp; Computer Security"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/www.emerald.com\/insight\/content\/doi\/10.1108\/ICS-07-2019-0078\/full\/xml","content-type":"application\/xml","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/www.emerald.com\/insight\/content\/doi\/10.1108\/ICS-07-2019-0078\/full\/html","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,7,25]],"date-time":"2025-07-25T01:23:03Z","timestamp":1753406583000},"score":1,"resource":{"primary":{"URL":"http:\/\/www.emerald.com\/ics\/article\/28\/5\/801-830\/110993"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2020,8,5]]},"references-count":105,"journal-issue":{"issue":"5","published-print":{"date-parts":[[2020,8,5]]}},"alternative-id":["10.1108\/ICS-07-2019-0078"],"URL":"https:\/\/doi.org\/10.1108\/ics-07-2019-0078","relation":{},"ISSN":["2056-4961","2056-4961"],"issn-type":[{"value":"2056-4961","type":"print"},{"value":"2056-4961","type":"print"}],"subject":[],"published":{"date-parts":[[2020,8,5]]}}}