Abstract
Phishing is a common cybersecurity threat to email users. An automated phishing decision-support aid can help users identify suspicious emails. The aid’s success depends on both the aid’s capability and the user’s trust in and usage of the aid. In this study, 465 participants were asked to judge phishing emails with an automated decision aid. We measured how users’ trust and decision making were affected by the type of aid (human, AI, text, no aid), gender (male, female), decision transparency (reasoning for aid’s decision present, absent), as well as feedback (present, absent). We found that an aid was helpful regardless of its anthropomorphic appearance (human vs. AI) and gender. Transparency was helpful with the human aid, but not the AI aid. Feedback effectively improved trust in all the aids, although it helped aid retention only for the text aid. Participants had overall positive comments about the aid and found it helpful. The findings can be applied to automated aid design to understand potential avenues for improving users’ trust, performance, and aid use.
Disclosure statement
The authors report there are no competing interests to declare.
Data availability statement
The data that support the findings of this study are openly available in Open Science Framework at https://osf.io/nbvkz/.