Have you ever clicked on a random link in your inbox or in a Facebook message? Despite knowing the risks? Well, you are not alone! A study by researchers at Friedrich-Alexander University (FAU) of Erlangen-Nuremberg, Germany, discovered that people still click on links from strangers. Half of the subjects in the study even claimed that they are aware of the risks of phishing emails.
Research Proves that Knowing about Phishing Doesn’t Always Prevent from Clicking
For the experiment Dr. Benenson – whose research focuses on the human factors in IT security infrastructure – and her team conducted two studies in which they sent around 1700 FAU students e-mails or facebook messages under a false name. They adapted the fake messages to the target groups by signing them with one of the ten most common names for the target group’s generation. In both of the studies the text claimed that the link in the message was to a page with images of a party the previous weekend.
In case the recipient clicked on the link, they would end up being redirected to a page saying “access denied”. This is how researchers were able to register the click rates. The researchers also sent out a questionnaire to the experiment subjects where the latter were first asked to rate their awareness of security. Then the researchers explained the experiment and asked the students why they did or did not click on that link.
The study was actually divided into two parts. The first one addressed the subjects by their first names, and in the second, no personal names were displayed but more specific information about the event and the photos – a recent New Year’s Eve party.
The Facebook messages were sent by specifically crafted profiles with a public timeline and photos. Less public profiles with photos and minimum amount of personal information were also used. Expectedly the experiment showed different results in each case.
56 percent of the e-mail recipients and 38 percent of the Facebook message recipients in the first study clicked on the links. In the second study the percentage of e-mail recipients who did so went down to 20 percent, while the percentage of Facebook users who did so went up to 42 percent.
What’s the Conclusion after the Phishing Experiment? Curiosity Did Kill the Cat!
Researchers say that they were surprised by the results – 78% of test subjects stated that they were indeed aware of the risks associated with phishing and unknown links. Only 20% from the first study and 16% of the second said that they had clicked on the link. However, later researchers established that respectively 45% and 25% had clicked on the links. Did the participants lie? Researchers believe that they may have simply forgotten about the message after having clicked on it.
As to why they clicked on the link, some test subjects said it was out of curiosity, and others claimed they knew somebody with the sender’s name from that NYE party.
What about you? Do you click on links sent by strangers? How aware are you of the risks of phishing?