Date of Award


Degree Type


Degree Name

Doctor of Information Technology


School of Computer and Security Science


Faculty of Computing, Health and Science

First Advisor

Craig Valli

Second Advisor

Andrew Woodward


Phishing involves sending e-mails pretending to be from the legitimate financial institutions to recipients and asking for personal information such as username and password. It also redirects network traffic to malicious sites, deny network traffic to web services, and modify protection mechanisms in the targeted computer systems. Consequences of successful attacks can include identity and financial losses, and unauthorised information disclosure.

The purpose of this study was to investigate the experiences of Western Australian bank users in using online banking. The study considered the relationship between the background of the Western Australian bank users and their experience in using online banking security. The research analysed phishing through case studies that highlighted some of the experiences of phishing attacks and how to deal with the problems. Emphasis was placed on knowledge of phishing and threats and how they were actually implemented, or may be used, in undermining the security of users’ online banking services. The preferences and perspectives of Western Australian bank users about the deployment of online banking security protection and about future online banking services, in order to safeguard themselves against phishing attacks, are presented. The aim was to assist such Australian bank users through exploring potential solutions and making recommendations arising from this study.

Research respondents had positive attitudes towards using online banking. Overall, they were satisfied with the security protection offered by their banks. However, although they believed that they had adequate knowledge of phishing and other online banking threats, their awareness of phishing attacks was not sufficient to protect themselves. Essentially, the respondents who had experienced a phishing attack believed it was due to weak security offered by their banks, rather than understanding that they needed more knowledge about security protection of their personal computers.

Further education is required if users are to become fully aware of the need for security within their personal online banking.

Included in

E-Commerce Commons