493
Views
2
CrossRef citations to date
0
Altmetric
Original Articles

Uncovering the role of optimism bias in social media phishing: an empirical study on TikTok

, ORCID Icon &
Pages 1827-1841 | Received 04 Nov 2021, Accepted 21 Jun 2023, Published online: 04 Jul 2023

References

  • Abbasi, A., Z. Zhang, D. Zimbra, H. Chen, and J. F. Nunamaker Jr. 2010. “Detecting Fake Websites: The Contribution of Statistical Learning Theory.” MIS Quarterly 34 (3): 435–461. https://doi.org/10.2307/25750686.
  • Aleroud, A., and L. Zhou. 2017. “Phishing Environments, Techniques, and Countermeasures : A Survey.” Computers & Security 68: 160–196. https://doi.org/10.1016/j.cose.2017.04.006.
  • Algarni, A., Y. Xu, and T. Chan. 2017. “An Empirical Study on the Susceptibility to Social Engineering in Social Networking Sites: The Case of Facebook.” European Journal of Information Systems 26 (6): 661–687. https://doi.org/10.1057/s41303-017-0057-y.
  • Alharbi, A., A. Alotaibi, L. Alghofaili, M. Alsalamah, N. Alwasil, and S. Elkhediri. 2022. “Security in Social-Media: Awareness of Phishing Attacks Techniques and Countermeasures,” Proceedings of 2022 2nd International Conference on Computing and Information Technology, ICCIT 2022, 10–16. IEEE. https://doi.org/10.1109/ICCIT52419.2022.9711640
  • Alkhalil, Z., C. Hewage, L. Nawaf, and I. Khan. 2021. “Phishing Attacks: A Recent Comprehensive Study and a New Anatomy.” Frontiers in Computer Science 3 (March): 1–23. https://doi.org/10.3389/fcomp.2021.563060.
  • Andreassen, C. S., T. Torsheim, G. S. Brunborg, and S. Pallesen. 2012. “Development of a Facebook Addiction Scale.” Psychological Reports 110 (2): 501–517. https://doi.org/10.2466/02.09.18.PR0.110.2.501-517.
  • Arachchilage, N. A. G., and S. Love. 2014. “Security Awareness of Computer Users: A Phishing Threat Avoidance Perspective.” Computers in Human Behavior 38: 304–312. https://doi.org/10.1016/j.chb.2014.05.046.
  • Arnett, J. J. 2000. “Optimistic Bias in Adolescent and Adult Smokers and Nonsmokers.” Addictive Behaviors 25 (4): 625–632. https://doi.org/10.1016/S0306-4603(99)00072-6.
  • Awad, N. F., and M. S. Krishnan. 2006. “The Personalization Privacy Paradox: An Empirical Evaluation of Information Transparency and the Willingness to Be Profiled Online for Personalization.” MIS Quarterly: Management Information Systems 30 (1): 13–28. https://doi.org/10.2307/25148715.
  • Baek, Y. M., E. M. Kim, and Y. Bae. 2014. “My Privacy Is Okay, but Theirs Is Endangered: Why Comparative Optimism Matters in Online Privacy Concerns.” Computers in Human Behavior 31 (1): 48–56. https://doi.org/10.1016/j.chb.2013.10.010.
  • Basit, A., M. Zafar, X. Liu, A. R. Javed, Z. Jalil, and K. Kifayat. 2021. “A Comprehensive Survey of AI-Enabled Phishing Attacks Detection Techniques.” Telecommunication Systems 76 (1): 139–154. https://doi.org/10.1007/s11235-020-00733-2.
  • Bauer, S., and E. W. N. Bernroider. 2017. “From Information Security Awareness to Reasoned Compliant Action: Analyzing Information Security Policy Compliance in a Large Banking Organization.” Data Base for Advances in Information Systems 48 (3): 44–68. https://doi.org/10.1145/3130515.3130519.
  • Campbell, J., N. Greenauer, K. Macaluso, and C. End. 2007. “Unrealistic Optimism in Internet Events.” Computers in Human Behavior 23 (3): 1273–1284. https://doi.org/10.1016/j.chb.2004.12.005.
  • Chang, S. J., A. Van Witteloostuijn, and L. Eden. 2010. “From the Editors: Common Method Variance in International Business Research.” Journal of International Business Studies 41 (2): 178–184. https://doi.org/10.1057/jibs.2009.88.
  • Chen, X., L. Chen, and D. Wu. 2018. “Factors That Influence Employees’ Security Policy Compliance: An Awareness-Motivation-Capability Perspective.” Journal of Computer Information Systems, 312–324. https://doi.org/10.1080/08874417.2016.1258679.
  • Chen, H., O. Turel, and Y. Yuan. 2021. “E-Waste Information Security Protection Motivation: The Role of Optimism Bias.” Information Technology and People 20. https://doi.org/10.1108/ITP-09-2019-0458.
  • Chin, W. W. 1998. “Commentary: Issues and Opinion on Structural Equation Modeling.” MIS Quarterly 22 (1): vii–xvi. http://www.jstor.com/stable/249674.
  • Cho, H., J. S. Lee, and S. Chung. 2010. “Optimistic Bias About Online Privacy Risks: Testing the Moderating Effects of Perceived Controllability and Prior Experience.” Computers in Human Behavior 26 (5): 987–995. https://doi.org/10.1016/j.chb.2010.02.012.
  • Croft, P. 2023. “8 of the Biggest TikTok Scams to Watch Out for.” https://allaboutcookies.org/biggest-tiktok-scams.
  • Egelman, S., L. F. Cranor, and J. Hong. 2008. “You’ve Been Warned: An Empirical Study of the Effectiveness of Web Browser Phishing Warnings,” Conference on Human Factors in Computing Systems - Proceedings (January), 1065–1074. https://doi.org/10.1145/1357054.1357219
  • FBI. 2021. “FBI Tech Tuesday: Protecting Yourself from Spoofing and Phishing Scams.” https://www.fbi.gov/contact-us/field-offices/phoenix/news/press-releases/fbi-tech-tuesday-protecting-yourself-from-spoofing-and-phishing-scams.
  • Fornell, C., and D. F. Larcker. 1981. “Evaluating Structural Equation Models with Unobservable Variables and Measurement Error.” Journal of Marketing Research 18 (1): 39. https://doi.org/10.1177/002224378101800104.
  • Frauenstein, E. D., and S. Flowerday. 2020. “Susceptibility to Phishing on Social Network Sites: A Personality Information Processing Model.” Computers and Security 94: 101862. https://doi.org/10.1016/j.cose.2020.101862.
  • Gefen, D., D. Straub, and M. C. Boudreau. 2000. “Structural Equation Modeling and Regression: Guidelines for Research Practice.” Communications of the Association for Information Systems 4 (7): 2–77. https://doi.org/10.17705/1CAIS.00407.
  • Harris, A. J. L., and U. Hahn. 2011. “Unrealistic Optimism About Future Life Events: A Cautionary Note.” Psychological Review 118 (1): 135–154. https://doi.org/10.1037/a0020997.
  • Heine, S. J., and D. R. Lehman. 1995. “Cultural Variation in Unrealistic Optimism: Does the West Feel More Invulnerable Than the East?” Journal of Personality and Social Psychology 68 (4): 595–607. https://doi.org/10.1037/0022-3514.68.4.595.
  • Helweg-Larsen, M., and J. A. Shepperd. 2001. “Do Moderators of the Optimistic Bias Affect Personal or Target Risk Estimates? A Review of the Literature.” Personality and Social Psychology Review 5 (1): 74–95. https://doi.org/10.1207/S15327957PSPR0501_5.
  • Herath, T., R. Chen, J. Wang, K. Banjara, J. Wilbur, and H. R. Rao. 2014. “Security Services as Coping Mechanisms: An Investigation Into User Intention to Adopt an Email Authentication Service.” Information Systems Journal 24 (1): 61–84. https://doi.org/10.1111/j.1365-2575.2012.00420.x.
  • Herley, C. 2009. “So Long, and No Thanks for the Externalities: The Rational Rejection of Security Advice by Users,” Proceedings New Security Paradigms Workshop, 133–144. https://doi.org/10.1145/1719030.1719050
  • Hewitt, B., and G. White. 2021. “Factors Influencing Security Incidents on Personal Computing Devices.” Journal of Organizational and End User Computing 33 (4): 1–27. https://doi.org/10.4018/JOEUC.20210701.oa9.
  • Hewitt, B., and G. L. White. 2022. “Optimistic Bias and Exposure Affect Security Incidents on Home Computer.” Journal of Computer Information Systems 62 (1): 50–60. https://doi.org/10.1080/08874417.2019.1697860.
  • Hou, Y., D. Xiong, T. Jiang, L. Song, and Q. Wang. 2019. “Social Media Addiction: Its Impact, Mediation, and Intervention.” Cyberpsychology 13 (1), https://doi.org/10.5817/CP2019-1-4.
  • Jansen, J., and P. van Schaik. 2019. “The Design and Evaluation of a Theory-Based Intervention to Promote Security Behaviour Against Phishing.” International Journal of Human-Computer Studies 123 (January 2018): 40–55. https://doi.org/10.1016/j.ijhcs.2018.10.004.
  • Karjalainen, M., and M. Siponen. 2011. “Toward a New Meta-Theory for Designing Information Systems (IS) Security Training Approaches.” Journal of the Association for Information Systems 12 (8): 518–555. https://doi.org/10.17705/1jais.00274.
  • Krombholz, K., H. Hobel, M. Huber, and E. Weippl. 2015. “Advanced Social Engineering Attacks.” Journal of Information Security and Applications 22: 113–122. https://doi.org/10.1016/j.jisa.2014.09.005.
  • Lei, W., Hu, S., and Hsu, C. 2021. “Understanding Optimism Bias in Phishing : A Health Belief Model Understanding Optimism Bias in Phishing : A Health Belief Model Perspective.” PACIS 2021 Proceedings, 169.
  • Li, X. 2008. “Third-Person Effect, Optimistic Bias, and Sufficiency Resource in Internet Use.” Journal of Communication 58 (3): 568–587. https://doi.org/10.1111/j.1460-2466.2008.00400.x.
  • Metzger, M. J., and J. J. Suh. 2017. “Comparative Optimism About Privacy Risks on Facebook.” Journal of Communication 67 (2): 203–232. https://doi.org/10.1111/jcom.12290.
  • Moore, J. 2022. “TikShock: Don’t get Caught out by these 5 TikTok.” Scams. https://www.welivesecurity.com/2022/08/30/tikshock-dont-get-caught-out-5-tiktok-scams/.
  • Parker, H. J., and S. V. Flowerday. 2020. “Contributing Factors to Increased Susceptibility to Social Media Phishing Attacks.” SA Journal of Information Management 22 (1): 1–10. https://doi.org/10.4102/sajim.v22i1.1176.
  • Parmar, B. 2012. “Protecting Against Spear-phishing.” Computer Fraud & Security 2012 (1): 8–11. https://doi.org/10.1016/S1361-3723(12)70007-6.
  • Patrick, B. C., E. A. Skinner, and J. P. Connell. 1993. “What Motivates Children’s Behavior and Emotion? Joint Effects of Perceived Control and Autonomy in the Academic Domain.” Journal of Personality and Social Psychology 65 (4): 781–791. https://doi.org/10.1037/0022-3514.65.4.781.
  • Podsakoff, P. M., S. B. MacKenzie, J. Y. Lee, and N. P. Podsakoff. 2003. “Common Method Biases in Behavioral Research: A Critical Review of the Literature and Recommended Remedies.” Journal of Applied Psychology 88 (5): 879–903. https://doi.org/10.1037/0021-9010.88.5.879.
  • Redmiles, E. M., M. L. Mazurek, and J. P. Dickerson. 2018. “Dancing Pigs or Externalities? Measuring the Rationality of Security Decisions.” ACM EC 2018 - Proceedings of the 2018 ACM Conference on Economics and Computation 1 (1): 215–232. https://doi.org/10.1145/3219166.3219185.
  • Rhee, H. S., Y. Ryu, and C. T. Kim. 2005. “I Am Fine But You Are Not: Optimistic Bias and Illusion of Control on Information Security.” ICIS 2005 proceedings, 32.
  • Rhee, H. S., Y. U. Ryu, and C. T. Kim. 2012. “Unrealistic Optimism on Information Security Management.” Computers and Security 31 (2): 221–232. https://doi.org/10.1016/j.cose.2011.12.001.
  • Scherr, S., and K. Wang. 2021. “Explaining the Success of Social Media with Gratification Niches : Motivations Behind Daytime, Nighttime, and Active Use of TikTok in China.” Computers in Human Behavior 124 (June): 106893. https://doi.org/10.1016/j.chb.2021.106893.
  • Shahbaznezhad, H., F. Kolini, and M. Rashidirad. 2020. “Employees’ Behavior in Phishing Attacks: What Individual, Organizational, and Technological Factors Matter?” Journal of Computer Information Systems. https://doi.org/10.1080/08874417.2020.1812134.
  • Sheeran, P., and T. L. Webb. 2016. “The Intention-Behavior Gap.” Social and Personality Psychology Compass 10 (9): 503–518. https://doi.org/10.1111/spc3.12265.
  • Shepperd, J. A., P. Carroll, J. Grace, and M. Terry. 2002. “Exploring the Causes of Comparative Optimism.” Psychologica Belgica 42 (1–2): 65–98. https://doi.org/10.5334/pb.986.
  • Shepperd, J. A., W. M. P. Klein, E. A. Waters, and N. D. Weinstein. 2013. “Taking Stock of Unrealistic Optimism.” Perspectives on Psychological Science 8 (4): 395–411. https://doi.org/10.1177/1745691613485247.
  • Silic, M., and A. Back. 2016. “The Dark Side of Social Networking Sites: Understanding Phishing Risks.” Computers in Human Behavior 60: 35–43. https://doi.org/10.1016/j.chb.2016.02.050.
  • Taylor, K. M., and J. A. Shepperd. 1998. “Bracing for the Worst: Severity, Testing, and Feedback Timing as Moderators of the Optimistic Bias.” Personality and Social Psychology Bulletin 24 (9): 915–926. https://doi.org/10.1177/0146167298249001.
  • Tsohou, A., M. Karyda, and S. Kokolakis. 2015. “Analyzing the Role of Cognitive and Cultural Biases in the Internalization of Information Security Policies: Recommendations for Information Security Awareness Programs.” Computers & Security 52: 128–141. https://doi.org/10.1016/j.cose.2015.04.006.
  • Verkijika, S. F. 2019. “‘If You Know What to Do, Will You Take Action to Avoid Mobile Phishing Attacks’: Self-Efficacy, Anticipated Regret, and Gender.” Computers in Human Behavior 101 (January): 286–296. https://doi.org/10.1016/j.chb.2019.07.034.
  • Vishwanath, A. 2015a. “Examining the Distinct Antecedents of E-Mail Habits and Its Influence on the Outcomes of a Phishing Attack.” Journal of Computer-Mediated Communication 20 (5): 570–584. https://doi.org/10.1111/jcc4.12126.
  • Vishwanath, A. 2015b. “Habitual Facebook Use and Its Impact on Getting Deceived on Social Media.” Journal of Computer-Mediated Communication 20 (1): 83–98. https://doi.org/10.1111/jcc4.12100.
  • Vishwanath, A. 2017. “Getting Phished on Social Media.” Decision Support Systems 103: 70–81. https://doi.org/10.1016/j.dss.2017.09.004.
  • Warkentin, M., Z. Xu, and L. A. Mutchler. 2013. “I’m Safer than You: The Role of Optimism Bias in Personal IT Risk Assessments.” The 2013 Dewald Roode Workshop on Information Systems Security Research.
  • Weinstein, N. D. 1980. “Unrealistic Optimism About Future Life Events.” Journal of Personality and Social Psychology 39 (5): 806–820. https://doi.org/10.1037/0022-3514.39.5.806.
  • Weinstein, N. D. 1987. “Unrealistic Optimism About Susceptibility to Health Problems: Conclusions from a Community-Wide Sample.” Journal of Behavioral Medicine 10 (5): 481–500. https://doi.org/10.1007/BF00846146.
  • Weinstein, N. D. 1989. “Optimistic Biases About Personal Risks.” Science 246 (4935): 1232–1233. https://doi.org/10.1126/science.2686031
  • Weinstein, N. D. 2005. “Smokers’ Unrealistic Optimism About Their Risk.” Tobacco Control 14 (1): 55–59. https://doi.org/10.1136/tc.2004.008375.
  • Wilcox, H., and M. Bhattacharya. 2015. “Countering Social Engineering through Social Media: An Enterprise Security Perspective.” Lecture Notes in Computer Science (Including Subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (9330 LNCS), 54–64. https://doi.org/10.1007/978-3-319-24306-1_6
  • Windschitl, P. D. 2002. “Judging the Accuracy of a Likelihood Judgment: The Case of Smoking Risk.” Journal of Behavioral Decision Making 15 (1): 19–35. https://doi.org/10.1002/bdm.401.
  • Woods, M. 2023. “All Grown up: 4 Key Characteristics of TikTok’s over-25 Audience.” https://business.yougov.com/content/7979-4-key-characteristic-tiktok-over-25-study.
  • Zahedi, F. M., A. Abbasi, and Y. Chen. 2015. “Fake-Website Detection Tools: Identifying Elements That Promote Individuals’ Use and Enhance Their Performance.” Journal of the Association for Information Systems, 448–484. https://doi.org/10.17705/1jais.00399.
  • Zhang, M., P. Xu, and Y. Ye. 2022. “Trust in Social Media Brands and Perceived Media Values: A Survey Study in China.” Computers in Human Behavior 127 (November 2020): 107024. https://doi.org/10.1016/j.chb.2021.107024.

Reprints and Corporate Permissions

Please note: Selecting permissions does not provide access to the full text of the article, please see our help page How do I view content?

To request a reprint or corporate permissions for this article, please click on the relevant link below:

Academic Permissions

Please note: Selecting permissions does not provide access to the full text of the article, please see our help page How do I view content?

Obtain permissions instantly via Rightslink by clicking on the button below:

If you are unable to obtain permissions via Rightslink, please complete and submit this Permissions form. For more information, please visit our Permissions help page.