Image: Pixel 2013 (Pixabay)

Image: Pixel 2013 (Pixabay)

ANU Cybercrime Observatory researchers examine phishing risks in university student community

19th February 2020

More information

Roderic Broadhurst is Professor of Criminology at RegNet. He is Director of the ANU Cybercrime Observatory which was established in 2012. The Observatory is a focal point for research on human factors and cybercrime.

His current research focuses on crime and development, the recidivism of homicide offenders, cybercrime and organized and transnational crime.

You might also like

In a recent study, researchers from the Australian National University (ANU) lead by Roderic Broadhurst, Director of the ANU Cybercrime Observatory, explored the degree to which students are susceptible to social engineering directives such as fake emails or phishing.

Over several months, the team of researchers comprised of Roderic Broadhurst, Katie Skinner, Nicholas Sifniotis, Bryan Matamoros-Macias and Yuguang Ipsen, observed students’ responses to three different scam email types with varying degrees of individualisation: generic, tailored, and targeted or ‘spear’.

Interestingly, the research revealed that awareness of cybercrime, the level of IT competence and perceived internet safety, didn’t impact a student’s susceptibility to getting scammed.

However, researchers demonstrated that the relevance and saliency of the scam email’s content, did in fact influence student’s susceptibility to getting scammed.

Another important result was that international students and first year students were found to be more vulnerable to social engineering directives, given that they were deceived by significantly more scams compared to domestic students and later year students.

Following the publication of the research in the Australian Institute of Criminology’s Trends & issues in crime and criminal justice, Roderic Broadhurst commented:

“Manipulation (social engineering) of emails and texts to deceive people to upload phishing and ransomware remain significant risks for everyone.

“This remains the case today and the future – educational institutions need to do more to help international and new students avoid cyber “attacks”.

“Students underestimate the importance of identity theft as a precursor to many serious crimes and an empty bank account does not mean that they are not also valuable targets.”

Read more on this topic in ‘Phishing risks in a university student community’.

Updated:  10 August 2017/Responsible Officer:  Director, RegNet/Page Contact:  Director, RegNet