Examining the Relationship between
Threat and Coping Appraisal in Phishing Detection among College Students David J. Lemay1, Ram B.
Basnet2+, and Tenzin Doleck3 1McGill University, Quebec, Canada david.lemay@mail.mcgill.ca 2Colorado
Mesa University, Colorado, USA rbasnet@coloradomesa.edu 3University of Southern
California, California, USA tenzin.doleck@mail.mcgill.ca Abstract An important segment of information security
research has focused on improving security protocols by encouraging
protective behaviors in users of information technology. Intervention based
research focused on changing users' responses to threat appraisals is
informed by protection motivation theory (PMT). The present study proposed a
model of the relationship between college students' threat perceptions, their
level of anxiety and an adaptive coping response, here conceived as a
behavioral intention to learn about phishing. Partial least squares
structural equation modeling was used to empirically test a model of college
users' response to perceived phishing threat and the relationship to their
coping appraisal. We find that perceived detection threat negatively
influenced detection efficacy and positively influenced anxiety, as expected.
We did not find a relationship between detection efficacy and anxiety, nor
did we find a positive relationship between anxiety and behavioral intention
towards an adaptive coping response. The absence of a relationship between
anxiety, efficacy, and behavioral intention is at odds with the main
assumption of fear-based drive-reduction theories, that fear reduction
induces protection motivation. Although we cannot rule out other coping
responses such as emotion- or avoidance-based coping without experimental
intervention, it remains unclear how distinct such coping behaviors are in
practice. Keywords: Threat and Coping Appraisal, Phishing, Phishing
Detection, College Students, Behavioral Intentions +: Corresponding
author: Ram B. Basnet Department of Computer Science and Engineering,
Colorado Mesa University, Grand Junction, Colorado, USA Journal
of Internet Services and Information Security
(JISIS), 10(1): 38-49,
February 2020 DOI: 10.22667/JISIS.2020.02.29.038 [pdf] |