Exploring User Risk Factors and Target Groups for Phishing Victimization in Pakistan

Phishing attacks pose a significant cybersecurity threat globally. This study investigates phishing susceptibility within the Pakistani population, examining the influence of demographic factors, technological aptitude and usage, previous phishing victimization, and email characteristics. Data was collected through convenient sampling; a total of 164 people completed the questionnaire. Contrary to some assumptions, the results indicate that men, individuals over 25, employed persons and frequent online shoppers have relatively high phishing susceptibility. The characteristics of email significantly affected phishing victimization, with authority and urgency signaling increasing susceptibility, while risk cues sometimes improved vigilance. In particular, users were more susceptible to emails from communication services such as Gmail and LinkedIn compared to government or social media sources. These findings highlight the need for targeted security awareness interventions tailored to specific demographics and email types. A multifaceted approach combining technology and education is crucial to combat phishing attacks.