Tara Thomsen, Jennifer Salemy, Christian Willis, and Rick Wash, University of Wisconsin-Madison
Phishing affects everyone, but certain groups are at a higher risk of being phished than others. Prior research has pointed to language skills impacting phishing detection. We conducted a survey with the aim of understanding English as a Second Language (ESL) speakers' experiences with phishing compared to native English speakers to find out if one group was at a greater risk of falling for phishing than the other. We surveyed 100 native Mandarin, Korean, Spanish, and English speakers, 400 participants in total, who are living in the United States and are fluent in English. We presented the participants with phishing, ambiguous, and legitimate email simulations. We found that ESL speakers are at a lower risk of phishing than native English speakers. Additionally, we identified three key parts of the ESL experience of phishing, covering the weariness of receiving emails in their native language, the importance of familiarity, and the consideration of language specific nuances. Our findings show that just because someone is ESL does not mean they are necessarily more at risk of being phished. In the case of ESL speakers in the United States who are fluent, the opposite is true, this group is less likely to be phished when compared to Native English speakers.
Open Access Media
USENIX is committed to Open Access to the research presented at our events. Papers and proceedings are freely available to everyone once the event begins. Any video, audio, and/or slides that are posted after the event are also free and open to everyone. Support USENIX and our commitment to Open Access.
