Do We Trust the Internet?: Ignorance and Overconfidence in Downloading and Installing Potentially Spyware-Infected Software

Do We Trust the Internet?: Ignorance and Overconfidence in Downloading and Installing Potentially Spyware-Infected Software

Kenneth Howah (Central Queensland University, Melbourne, Australia) and Ritesh Chugh (School of Engineering & Technology, Tertiary Education Division, Central Queensland University, Melbourne, Australia)
Copyright: © 2019 |Pages: 14
DOI: 10.4018/JGIM.2019070105

Abstract

The threat profile of spyware is increasing rapidly when we consider the pervasiveness of computing in everyday life. The surreptitious nature of spyware can lead to information mining, data theft and exploitation of stolen data. This article aims to explore the relationship between trust in the Internet and neglecting risks in downloading and installing free potentially spyware-infected software. This study found that trust can be viewed as an indirect function of ignorance and overconfidence through the mechanism of the calculated probability of risk. An enhanced model of trust, based on Li and Betts' trust model has been proposed with two additional vectors. The inference drawn from the study is that in most users' minds, the calculated or perceived risk is substantially less than the anticipated benefit of the software. The analysis shows that users trust the Internet when it comes to downloading and installing potentially spyware-infected software, although such nonchalant trust appears to be based on ignorance and over-confidence.
Article Preview
Top

Introduction

Malware (‘mal’, a Latin root meaning ‘bad’) is a generic term for any software created with malicious intentions, including spying. Views vary about what types of software are included under the umbrella term ‘spyware’. The term ‘spyware’ includes adware, key loggers, trojans, hijackers, dialers and malware (Garrie, Griver & Joller, 2010; Stafford & Urbaczewski, 2004). In contrast, it is not uncommon to find discussions treating adware and spyware as separate terms (Chien, 2005). While these terms refer to software with quite specific functions, other terms such as ‘malware’ are more generic and refer to any malicious software including viruses and worms, and these are usually treated as a separate category to spyware (Australian Government, 2006). The review of literature showed that most authors concur with this view. In short, viruses and worms are about causing destruction, damage or inconvenience to their victims, while spyware is about surreptitious information mining, data theft and exploitation of stolen data. This is the general distinction that will be utilised in this paper.

Spyware works by existing in background processes from which they perform their designed ‘mal’ functions. A variety of ‘mal’ functions exist, but in general, all engage in user or system monitoring, data gathering, and secret communications with a third party over the victim’s Internet connection. Software that is, or that contains, spyware is acquired in many ways, and the significant growth of public use of the Internet since the early 2000s has meant that increasingly, spyware can be acquired through users simply clicking on links found in websites, in emails (Sophos, 2013) and on social networking platforms (Wüest, 2010). Spyware has evolved over time into increasing levels of sophistication and consequent hazard to the victims.

Whilst computers and the Internet have reached widespread popularity only in recent decades, there appears to have been no substantial or significant breakthrough in human factors studies within this context since the Theory of Reasoned Action (TRA) in 1967, or the Technology Acceptance Model (TAM) in 1986. As a result, much of the scholastic literature concerning user motivations and technology use that rely on these models is not specific to addressing spyware proliferation (Boldt, 2007) and academic research has been parsimonious. In the already established Theory of Planned Behaviour (TPB) model, a factor called ‘perceived behaviour control’ is shown to be capable not only of influencing behavioural intentions, but also capable of directly influencing usage behaviour, that is, conscious intention is bypassed. It is important to recognise that what is being studied in this paper is fundamentally a facet of human behaviour around technology. A study of this nature may lead to the lowering of spyware proliferation globally by assisting both users and organisations alike. Current defences against spyware include user avoidance actions such as refraining from downloading free software, and installing antispyware detection and removal software. However, what needs to be explored are contributory factors to users’ calculation of risk probability that ultimately lead to the action of downloading and installing potentially spyware-infected software.

Complete Article List

Search this Journal:
Reset
Open Access Articles
Volume 29: 6 Issues (2021): 3 Released, 3 Forthcoming
Volume 28: 4 Issues (2020)
Volume 27: 4 Issues (2019)
Volume 26: 4 Issues (2018)
Volume 25: 4 Issues (2017)
Volume 24: 4 Issues (2016)
Volume 23: 4 Issues (2015)
Volume 22: 4 Issues (2014)
Volume 21: 4 Issues (2013)
Volume 20: 4 Issues (2012)
Volume 19: 4 Issues (2011)
Volume 18: 4 Issues (2010)
Volume 17: 4 Issues (2009)
Volume 16: 4 Issues (2008)
Volume 15: 4 Issues (2007)
Volume 14: 4 Issues (2006)
Volume 13: 4 Issues (2005)
Volume 12: 4 Issues (2004)
Volume 11: 4 Issues (2003)
Volume 10: 4 Issues (2002)
Volume 9: 4 Issues (2001)
Volume 8: 4 Issues (2000)
Volume 7: 4 Issues (1999)
Volume 6: 4 Issues (1998)
Volume 5: 4 Issues (1997)
Volume 4: 4 Issues (1996)
Volume 3: 4 Issues (1995)
Volume 2: 4 Issues (1994)
Volume 1: 4 Issues (1993)
View Complete Journal Contents Listing