
Why we fall for phishing—and how to stop it

Consumer Reports News: April 08, 2011 10:38 AM

The recent hack of Epsilon's e-mail database has sounded the warning again: Beware of spam and phish. But you're a seasoned computer user and too smart to fall for those phony e-mails attempting to scam you out of personal info such as your bank accounts, right? Maybe not.

Scientists at four universities studying communications, consumer behavior, and information systems have conducted research to identify who falls prey to e-mail scams and why. The researchers' basic finding: If you spend a lot of time online, you're more susceptible to falling victim to a bogus e-mail than are those who limit their time online.

The researchers from University of Buffalo (NY), Brock University (Ontario, Calif.), Ball State University (Muncie, ID), and University of Texas in Arlington simulated a phishing attack on a sample of computer users and found a wide variance in individual susceptibility. In their report, "Why Do People Get Phished," they wrote:

Our results indicate that people process most phishing emails peripherally and make decisions based on simple cues embedded in the email. Interestingly, urgency cues, i.e., threats and warnings, in the email stimulated increased information processing, short-circuiting the resources available for attending to other cues that could potentially help detect the deception.

What's more, they found that a person's competency with computers and online didn't protect them from e-mail scams. In other words, if you receive—and respond to—a lot of e-mail, you're likely to react automatically to a bogus e-mail's cues for "immediate action."

The researchers recommend that computer users develop "healthy e-mail habits," including:

  • Using spam blockers to cut down on the number of e-mails you receive;
  • Setting up separate e-mail accounts for different purposes—one for a bank account, one for an online retailer, and so on;
  • Establishing a set time and period of the day to answer e-mail.

According to the researchers, these survival tactics can help to reduce the clutter in your inbox, letting you focus on each piece of e-mail and spot fishy messages.

For more online security tips, see Consumer Reports' Guide to Online Security.

Off the Hook! Who Gets Phished and Why [University of Buffalo]

Paul Eng
