EU Science Hub

Nudging Online Security Behaviour with Warning Messages: Results from an online experiment

Abstract: 
This study is part of a larger effort to better understand online behaviour. We tested the effect on people’s security behaviour of different ways of warning them about cybersecurity threats with an online experiment (n=5,065) in Germany, Sweden, Poland, the UK and Spain. Participants had to make a purchase in a mock online store, and their behaviour was observed through four behavioural measures. Results show that making users aware of the steps they can take to minimise their exposure to risk is effective in generating more secure behaviour, as suggested by protection motivation theory. Gain and loss-framed messages, and a message with a male anthropomorphic character, also had some effect on behaviour compared to the control group. The study also included a questionnaire. Results showed that more risk-averse participants exhibited more cautious behaviour. Finally, although they influenced behaviour itself, warning messages based on behavioural insights did not affect participants' self-reported knowledge of how to prevent cyberattacks.