The recent hack of Epsilon's e-mail database has sounded the warning again: Beware of spam and phish. But you're a seasoned computer user and too smart to fall for those phony e-mails attempting to scam you out of personal info such as your bank accounts, right? Maybe not.

Scientists at four universities studying communications, consumer behavior, and information systems have conducted research to identify who falls prey to email scams and why. The researchers basic findings: If you spend a lot of time online, you're more susceptible to falling victim to a bogus e-mail than are those who limit their time online.

The researchers from University of Buffalo (NY), Brock University (Ontario, Calif.), Ball State University (Muncie, ID), and University of Texas in Arlington simulated a phishing attack on sample of computer users and found a wide variance in individual susceptibility. In their report, "Why Do People Get Phished," they wrote:

Our results indicate that people process most phishing emails peripherally and make decisions based on simple cues embedded in the email. Interestingly, urgency cues, i.e., threats and warnings, in the email stimulated increased information processing, short-circuiting the resources available for attending to other cues that could potentially help detect the deception.

What's more, they found that a person's competency with computers and online didn't protect them from e-mail scams. In other words, if you receive—and respond to—a lot of e-mail, you're likely to react automatically to a bogus e-mail's cues for "immediate action."

The researchers recommend that computer users need to develop "healthy e-mail habits," including:

• Using spam blockers to cut down on the number of e-mails you receive;
• Setting up separate e-mail accounts for different purposes—one for a bank acount, one for an online retailer, and so on;
• Establishing a set time and period of the day to answer e-mail.

According to the researchers, these survival tactics can help to reduce the clutter in your inbox, letting you focus on each piece of e-mail and spot fishy messages.

For more online security tips, see Consumer Reports' Guide to Online Security.

Off the Hook! Who Gets Phished and Why [University of Buffalo]