Skip to main content

Not so fast! Research shows we’re overconfident at spotting phishing emails

A hand on a laptop in a dark surrounding.
Think you know a phishing email when you see one? Not so fast. Most people are overconfident when it comes to identifying potentially dangerous emails and often get it wrong.

According to new research from the University of Texas at Arlington, our judgmental confidence exceeds our actual performance in decision making when identifying a malicious email. As a result, we’re even more at risk of breach than ever, even when we think we’re safe.

Overconfidence in Phishing Email Detection was published recently in the Journal of the Association for Information Systems.

In the study, about 600 people took part in the experiment to see if they could recognize phishing emails. Each participant was shown 18 emails from banks like Bank of America and Chase. About half of them were legitimate emails from those banks. The other half were phishing emails purporting to be from these companies.

Simple things like being familiar with the business sending the email increased overconfidence and by placing a greater cognitive effort into examining these emails can decrease this overconfidence. That may be easier said than done, though.

“We found out that many people are overconfident. In other words, a lot of people thought they had made correct judgment on an email, yet they did not. Their confidence is a poor indicator for their actual performance,” said co-author Jinggou Wang. “Therefore, one suggestion from the study is that following one’s confidence on judgment to take subsequent actions on an email may not be recommended.”

The study proves that phishing, although a classic method of infiltration, is still an effective way to dupe people. We deal with so many messages daily that it’s easy to fall for the scams at least half of the time.

Wang is currently in the middle of further research into phishing that looks at how users respond to phishing emails when they discover them. “They might just decide to delete everything, which isn’t effective or worthwhile,” he said.

The researchers believe that by analyzing how people identify and react to phishing emails will help businesses and users alike get better at reducing the amount of malicious emails sent and received.

Editors' Recommendations

Jonathan Keane
Former Digital Trends Contributor
Jonathan is a freelance technology journalist living in Dublin, Ireland. He's previously written for publications and sites…
The best HP laptops to buy in 2023
HP Spectre x360 13.5 front angled view showing display and keyboard deck.

HP offers several excellent laptop lines that are tailored for professionals, traveling, and student use, and it generally makes great all-purpose laptop models for those who want dependability and performance. HP laptops show up on our best laptops and best 2-in-1s lists, among others. However, picking and customizing an HP laptop can be a confusing process for newcomers, and it's not always immediately clear what differences mark the various HP lines, nor which is the best pick.

Allow us to make the choice easier with our list of the best HP laptops available in 2023, and an explanation of what each model excels at.

Read more
HP Envy x360 2-in-1 laptop just had its price slashed by $300
The Envy x360 13 in tent mode on a table.

Hurry! HP has a fantastic deal on the Envy x360 2-in-1 laptop today. You can grab it for only $600 after a $300 discount. HP is famous for great 2-in-1 laptop deals like this, but they don't stick around long. If you've been waiting for a tablet-laptop-combo and $600 is in your price range, grab this deal before it's gone.

Why you should buy the HP Envy x360 2-in-1 laptop
HP Envy x360 13

Read more
ChatGPT creator seeking to eliminate chatbot ‘hallucinations’
Close up of ChatGPT and OpenAI logo.

Despite all of the excitement around ChatGPT and similar AI-powered chatbots, the text-based tools still have some serious issues that need to be resolved.

Among them is their tendency to make up stuff and present it as fact when it doesn’t know the answer to an inquiry, a phenomenon that’s come to be known as “hallucinating.” As you can imagine, presenting falsehoods as fact to someone using one of the new wave of powerful chatbots could have serious consequences.

Read more