Publication

Assessing the information quality of phishing-related content on financial institutions’ websites

Butler, Rika
Butler, Martin
Citations
Altmetric:
Publication Type
Journal article with impact factor
Editor
Supervisor
Publication Year
Journal
2018
Book
Publication Volume
26
Publication Issue
5
Publication Begin page
514
Publication End page
532
Publication NUmber of pages
Collections
Abstract
Purpose Phishing attacks exploit social vulnerabilities and remain a global concern. Financial institutions often use their websites as part of their online awareness and education efforts. This paper aims to explore the effectiveness of phishing-related information made available by financial institutions to raise awareness and educate customers. Design/methodology/approach In this mixed methods research, a survey of online consumers was first performed and analysed. Second, the information available on the websites of major financial institutions was analysed. Using the construct of information quality (IQ), content analysis was performed to determine whether the phishing-related information meets the IQ criteria. Findings The survey confirmed that consumers are indeed targeted by phishers. It established that they turn to their financial institutions, more often than any other source, for anti-phishing information. When analysing the IQ of phishing-related information, significant deficiencies as well as different levels of performance between the financial institutions, emerged. In general, the worst performing IQ criteria was information being current and fit for purpose. Research limitations/implications As the research is conducted within South Africa, the results cannot be generalised. The ethical clearance did not allow for identification of the different financial institutions and thus comparing consumers’ perceptions with the observed IQ from the content analysis to determine correlation. Practical implications Protecting consumers against phishing attacks remains critical, and this paper confirms that users turn to their financial institutions for information. Yet, the phishing-related information made available on the websites of financial institutions has severe deficiencies. Practitioners should use IQ to determine the appropriateness of phishing-related information and focus on improving customer awareness and education. Originality/value Researchers often highlight the importance of awareness and education programmes in protecting consumers, but rarely investigate if consumers access publicly available information and express an opinion on the quality of this information. Although the results should not generalised, the recommendations, if necessary through similar analysis, has an impact beyond the geographical constraints of the study.
Research Projects
Organizational Units
Journal Issue
Keywords
South Africa, Phishing Awareness, Phishing, Information Quality, Online Security, Financial Security
Citation
Other links
Embedded videos