Contextual drivers of employees' phishing susceptibility: Insights from a field study
Decision Support Systems (IF 6.7), Pub Date: 2022-06-07, DOI: 10.1016/j.dss.2022.113818
Muriel Frank, Lennart Jaeger, Lukas Manuel Ranft

Phishing attacks rate as one of the most prevalent security threats to contemporary organizations. Hence, managers strive heavily to apply security measures that keep their employees safe from these risks, thereby relying on insights from security researchers who have predominantly focused on recipient characteristics, message attributes, and interventions to explicate the phishing susceptibility of individuals. A theoretical lens yet to be explored is the discrete context in which individuals encounter phishing attacks. This paper presents a multi-dimensional model – comprising the three contextual components social, task, and physical – that explains why an employee is likely to fall for phishing emails or not. To empirically validate our model, we conducted a field study among 2302 employees of an internationally operating pharmaceutical company in the United States. By combining employees' behavioral responses to a phishing email, training data, and contextual data, like help desk reliance, job status or workspace, we find that context is key to a more thorough understanding of phishing susceptibility. Moreover, our study provides practical insights on how organizations can identify and support employees prone to phishing as well as tailor training programs to prevent their workforce from falling prey to cybercriminals.




Updated: 2022-06-07