Email users are vulnerable to phishing threats and a greater understanding of how to protect them is needed. This research investigates how response costs and rewards influence users’ protective and maladaptive security behaviours in the domain of phishing by testing a model that extends Protection Motivation Theory to more explicitly consider the role of maladaptive behaviour. The results show that rewards influence maladaptive behaviour rather than protective behaviour in response to email phishing threats, and that response costs influence both maladaptive and protective behaviours. That is, any perceived benefits from not performing protective behaviours against email phishing threats will result in an increase in the performance of maladaptive behaviours. Similarly, any increases in costs perceived to be incurred for performing protective behaviours against email phishing threats will result in a decrease in protective behaviour and an increase in maladaptive behaviour. These findings have both practical implications and implications for future research into protections against phishing threats.

电子邮件用户容易受到网络钓鱼威胁，因此需要对如何保护它们有更多的了解。这项研究通过测试扩展保护动机理论以更明确地考虑不良行为的作用的模型，研究了响应成本和奖励如何在网络钓鱼领域影响用户的保护和不良适应安全行为。结果表明，响应电子邮件网络钓鱼威胁，奖励影响不良适应行为而不是保护行为，并且响应成本影响不良适应行为和保护行为。也就是说，不采取针对电子邮件网络钓鱼威胁的保护性行为而获得的任何可感知的收益将导致适应不良行为的表现增加。相似地，认为执行针对电子邮件网络钓鱼威胁的防护行为所引起的任何成本增加，都将导致防护行为的减少和适应不良行为的增加。这些发现对未来针对网络钓鱼威胁的防护研究具有实际意义和意义。