Mamello Mtshali, Kennedy Njenga
Abstract
The ubiquity of information technology in South African organisations has shaped the advent of pernicious phishing attacks. Despite the numerous phishing interventions such as improving the standards of information technology (IT), use and user training, phishing attacks keep persistently growing. This work tests the assumption that standards and training offer reasonable interventions for pernicious phishing attacks and reduce victimhood. Using a quantitative approach and data collected from users across the Johannesburg metropole it disproves this assumption. Of interest to management and practitioners of information systems security, is that user awareness is proven to be an important construct in exerting mitigation measures towards the rise of pernicious phishing attacks.