Profiling User Vulnerability to Phishing Through Psychological and Behavioral Factors
Authors: Valeria Formisano, Danilo Gentile, Gennaro Esposito Mocerino et al.
Summary
arXiv:2605. 21246v1 Announce Type: new Abstract: Phishing remains one of the most pervasive cybersecurity threats, shifting the focus from technological vulnerabilities to human cognitive and psychological factors.
Relevance
Read next because Profiling User Vulnerability to Phishing Through Psychological and Behavioral Factors overlaps with clean result "LoRA persona trained on alone emits at 23.5% when a co-trained partner learns ..., vs 0% control on Qwen2.5-7B-Instruct (MODERATE confidence)", clean result "Language-mismatch LoRA SFT on Qwen2.5-7B leaks the trained completion language into bystander directives the model was never trained on, absent under same-language SFT (LOW confidence)", clean result "Only continuous soft prefixes hit both EM axes at once on Qwen-2.5-7B-Instruct: discrete prompt searches split between the alignment objective and the distributional objective, and both discretizations of the soft prefix collapse (MODERATE confidence)". Matching terms: persona, under, eval, line, rate, alone, factor, lora. Source: arxiv cs.CR (Cryptography and Security).
Threat model
Potential threat/caveat for clean result "LoRA persona trained on alone emits at 23.5% when a co-trained partner learns ..., vs 0% control on Qwen2.5-7B-Instruct (MODERATE confidence)": this item discusses bias, negative, evaluation.
Abstract
arXiv:2605.21246v1 Announce Type: new Abstract: Phishing remains one of the most pervasive cybersecurity threats, shifting the focus from technological vulnerabilities to human cognitive and psychological factors. In coherence with the trend of studies on phishing to increasingly focus on human aspects and vulnerable users profiling, this study investigates the multidimensional nature of user susceptibility by analyzing data from the Spamley dataset, involving 1,086 participants evaluated through a realistic phishing detection task. Using Exploratory Factor Analysis (EFA), five latent constructs were identified, named: Seniority, Expertise, Creativity, Stability, and Vulnerability. Behavioral findings, validating self-reported impulsivity through its negative correlation with response times, demonstrate that faster decision-making significantly distinguishes vulnerable users from resilient ones. A K-Means clustering procedure, driven by the dimensions of Seniority (F1) and Creativity (F3), revealed two distinct user profiles: the Aware User and the High-Risk User. The results demonstrate that technical knowledge alone is insufficient to guarantee resilience; rather, the interaction between operational maturity, decision-making speed, and cognitive approach determines effectiveness. The findings suggest that the majority of users fall into the High-Risk category, characterized by hasty evaluation processes and lower critical analysis. These results underline the urgent need to move beyond "one-size-fits-all" training toward personalized, adaptive cybersecurity programs that actively address cognitive biases and behavioral tendencies.