Phishing Psychology: How the Big Five Psychological Factors Affect Phishing

Phishing is a ubiquitous problem in modern day society which in the year 2023 alone caused $2,900,000,000 in damages in just the US (APWG, 2024). These attacks do not show any sign of slowing down as in the second quarter of 2024 there were 877,536 phishing attacks. Phishing attacks use psychology to manipulate someone into becoming a victim (Pienta et al, 2020). Ergo, understanding the psychology behind these attacks is key to defending against it. The Big Five factor psychological model is widely used and has been shown to be efficacious in explaining how people behave (Goldberg, 1990). However, thus far there is no clear consensus on the Big Fives relationship with phishing response (Sommestad & Karlzen, 2019). One of the reasons for this is likely the great deal of heterogeneity between many of the studies. This meta-synthesis, however, found that all of the Big Five factors are likely correlated to phishing response. The data suggests that high levels of openness and conscientiousness should help safeguard against phishing attacks. While high levels of extraversion, agreeableness, and neuroticism may help facilitate phishing victimization. This study also proffers a serial phishing victim personality. There are other key findings such as heuristic and systematic processing along with persuasion principles which are examined as well. This meta-synthesis gives a new theoretical model between the Big Five and phishing response based on its results. It also provides recommendations to tailor employee training regarding avoiding phishing scams using the individual’s personality traits.

Keywords: Phishing, Phishing Psychology, Big Five Factor Personality Model