Abstract
Phishing emails cause significant losses for organisations and victims. To fight back against phishing emails, victims' detection behaviours must be identified and improved. Then, the impact of victims' characteristics on their detection behaviours must be measured. Three methods, namely experiments, surveys and semi-structured interviews, were applied in our research to gain a richer understanding of victims' behaviours concerning phishing emails. Several user characteristics were measured using the deception detection model. The results suggest that users' characteristics either increase or decrease their suspicions. Characteristics such as user extraversion, trust and submissiveness represent variables that prevent victims from suspecting phishing emails. In contrast, email experience increases victims' suspicion of phishing emails. Furthermore, victims' personality characteristics and a variable called the susceptibility variable play important roles in increasing the tendency of victims to execute the actions requested in phishing emails.