Open Access

ARTICLE

The Impact of Cybersecurity Awareness on Phishing Attack Vulnerability

Darlington Chigozie Okeke^*

Department of Computing and Engineering, University of Gloucestershire, Cheltenham, UK

* Corresponding Author: Darlington Chigozie Okeke. Email:

Journal of Cyber Security 2026, 8, 281-317. https://doi.org/10.32604/jcs.2026.079750

Received 27 January 2026; Accepted 16 March 2026; Issue published 29 May 2026

Abstract

Phishing has become the most common cybersecurity threat and increasingly exploits human factors rather than technical vulnerabilities. This study examined the relationships between cybersecurity awareness, training frequency, user cyber-hygiene behaviour, organisational culture, risk perception, and self-reported phishing vulnerability and the theoretical basis of this research is the Technology Threat Avoidance Theory (TTAT). A quantitative correlational design was used for data collection and analysis with Pearson correlation in structured questionnaires. The results indicated that the five independent variables have a significant positive relationship with phishing vulnerability. The increased awareness and regular training correlate with greater recognition of the vulnerability, suggesting improved self-observation but not an increased risk. On the same note, users with high cyber-hygiene practices also perceived themselves as more vulnerable, suggesting that protective measures can be driven by risk perception. An organisational culture also significantly correlated with vulnerability, which requires institutions that are supportive to provide a key role in threat perception. Vulnerability was also impacted by risk perception, with those who perceived phishing to be serious and personalised tending to agree that they were vulnerable. The findings, in general, support the idea that phishing vulnerability is a multidimensional phenomenon shaped by cognitive, behavioural, and organisational factors.

---

Keywords

---