{"id":37,"date":"2026-05-05T15:05:01","date_gmt":"2026-05-05T15:05:01","guid":{"rendered":"https:\/\/student.wp.odu.edu\/jdick043\/?page_id=37"},"modified":"2026-05-05T15:15:39","modified_gmt":"2026-05-05T15:15:39","slug":"article-reviews","status":"publish","type":"page","link":"https:\/\/student.wp.odu.edu\/jdick043\/cyse-201s\/article-reviews\/","title":{"rendered":"Article Reviews"},"content":{"rendered":"\n

Article Review #1: The Health Belief Model and Phishing: Determinants of Preventative Security Behaviors<\/strong><\/p>\n\n\n\n

James Dickinson
Department of Cybersecurity, Old Dominion University
CYSE 201S: Cybersecurity and the Social Sciences
Instructor name: Diwakar Yalpi
Date: 2\/26\/2026<\/p>\n\n\n\n

Introduction\/BLUF<\/strong>
This research paper goes into the determinants of preventative security behaviors under the Health Belief Model (HBM) in relation to phishing security practices. Specifically, it investigates why exactly people engage in preventative security behaviors and uses the HBM, a social science framework, to identify the various factors that may play a role. This research found that people are more likely to follow safe preventative security behaviors when they perceive few barriers to practice, have high confidence in their preventative security abilities, have prior security experience, perceive themselves to be vulnerable, and believe actions are effective (Du, 2024). This study concludes that human psychology may play just as important a role in cybersecurity as technological defenses do in preventing vulnerabilities and attacks.
Relation\/Connection to Social Science Principles
<\/strong>Objectivity and empiricism are some of the social science principles that are heavily used within this research paper. This is done throughout most steps of the research (the survey and its analysis), but more specifically, the inclusion of subgroups of students, faculty, and staff, as well as the inclusion of moderating variables. This allowed for good objectivity by looking at many demographics, as well as strong empirical rigor with the interplay of the independent variables, dependent variables, and the moderating variables, allowing for an in-depth and concise review of all possible factors at play for many different people. Relativism is another social science principle that has a deeply ingrained role to play, as the survey itself was based on the relation between the HBM constructs and how they lead to safer email security practices. In a similar way to relativism, determinism also has a deeply ingrained role to play, interplaying with the principle of relativism. The direct causes, in relation to how they came to be, were what was actually investigated here and how they impacted each person’s preventative cybersecurity practices.
Research Question \/Hypothesis\/ Independent Variable\/Dependent Variable
<\/strong>The research question in this paper is, \u201cWhat are \u201cthe drivers of preventative behavior\u201d within subjects in relation to email-based phishing attacks?\u201d (Du, 2024). This article has 7 main hypotheses: \u201cH1\u2014perceived benefits (BEN) of practicing email security behaviors are positively related to email security behaviors\u201d, \u201cH2\u2014perceived barriers (BAR) to practicing email security behaviors are negatively related to email security behaviors\u201d, \u201cH3\u2014self-efficacy (EFF) is positively related to email security behaviors\u201d, \u201cH4\u2014perceived vulnerability (VUL) to email-related security incidents is positively related to email security behaviors\u201d, \u201cH5\u2014cues to action (CUE) are positively related to email security behaviors\u201d, \u201cH6\u2014prior experience (EXP) with email-related security issues is positively related to email security behaviors\u201d, and \u201cH7\u2014perceived severity (SEV) of email-related security issues is positively related to email security behaviors\u201d (Du, 2024). As previously mentioned, there are two moderating variables: prior experience and perceived severity, both with their own hypotheses. The hypotheses for the prior experience variable are as follows: \u201cH6a\u2014prior experience with email-related security incidents increases the positive effect of perceived benefits on email security behaviors (EXPxBEN)\u201d, \u201cH6b\u2014prior experience with email-related security incidents reduces the negative effect of barriers to practice on email security behaviors (EXPxBAR)\u201d, \u201cH6c\u2014prior experience with email-related security incidents reduces the positive effect of self-efficacy on email-related security behaviors (EXPxEFF)\u201d, \u201cH6d\u2014prior experience with email-related security incidents increases the positive effect of perceived vulnerability on email security behaviors (EXPxVUL)\u201d, \u201cH6e\u2014prior experience with email-related security incidents increases the positive effect of cues to action on email security behaviors (EXPxCUE)\u201d, \u201cH6f\u2014prior experience with email-related security incidents increases the positive effect of perceived severity on email security behaviors (EXPxSEV)\u201d (Du, 2024). The hypotheses for the perceived severity are as follows: \u201cH7a\u2014perceived severity of any email-related security incidents reduces the positive effect of perceived benefits on email security behaviors (SEVxBEN)\u201d, \u201cH7b\u2014perceived severity of any email-related security incidents reduces the negative effect of barriers to practice on email security behaviors (SEVxBAR)\u201d, \u201cH7c\u2014perceived severity of any email-related security incidents reduces the positive effect of self-efficacy on email security behaviors (SEVxEFF)\u201d, \u201cH7d\u2014perceived severity of any email-related security incidents increases the positive effect of perceived vulnerability on email security behaviors (SEVxVUL)\u201d, \u201cH7e\u2014perceived severity of any email-related security incidents increases the positive effect of cues to action on email security behaviors (SEVxCUE)\u201d, \u201cH7f\u2014perceived severity of any email-related security incidents increases the positive effect of prior experience with email-related security incidents on email security behaviors (SEVxEXP)\u201d (Du, 2024). \u201cThe seven IVs are perceived benefits (BEN), perceived barriers to action (BAR), self-efficacy (EFF), perceived vulnerability (VUL), cues to action (CUE), prior experience (EXP), and perceived severity (SEV). Among them, prior experience and perceived severity are used as moderators that impact the association between other IVs and the dependent variable\u201d (Du, 2024). Of the seven, only five were shown to be \u201csignificant determinants of [the] survey subjects\u2019 email security behavior\u201d (Du, 2024). \u201cThe dependent variable is the subjects\u2019 self-reported email security behavior (BEH)\u201d (Du, 2024).
Types of Research Methods used
<\/strong>The main method this research study used was a survey, conducted in a Midwest university among the students, faculty, and staff. This was a quantitative survey-based method that used a 5-point Likert scale for the various constructs of the HBM. The researchers chose a random sample from 8 selected demographics of each of the student, faculty, and staff groups and sent them the survey. The quantitative scores represent the 8 constructs.
Types of Data Analysis used
<\/strong>The researchers had to conduct their two-step analysis on three different data sets: the whole data set, then two different subgroup datasets. The first of the two steps was an exploratory factor analysis. This was done in order to \u201cextract the factors (latent variables) from the [\u2026] data\u201d sets, allowing for the validation of their model constructs (Du, 2024). The second step of their analysis was the multiple regression analysis. This was done via the previous factors\u2019 scores being calculated by SPSS (Du, 2024). The dependent variable was then regressed on the seven IVs, as well as the hypothesized interactions, using those previously obtained scores (Du, 2024).
Connections to other Course Concepts
<\/strong>This paper is dependent upon the Health Belief Model (HBM), which is basically a model used to understand why people do and don’t do things. This model is based on behavioral science, as it is used to understand the behaviors of people, connecting this to the behavioral theory. Another underlying connection this article has to 201S is the overall motivation of human factor optimisation. In the beginning of the article, it argues that \u201cTechnical defenses on their own are insufficient, as phishing is an attack targeting the human\u201d; this shows that understanding the relation between the constructs of the HBM and the predeterminants of phishing is, at a baseline, a study to gain a better understanding of human factor dynamics within email security (Du, 2024). One moderating variable used in this study was prior experience, and the role it plays in predetermining phishing susceptibility. The use of this factor, especially as a moderating variable, shows the researchers were considering reinforcement sensitivity theory, as a specific reinforcement is exactly what could have happened in the past that they were accounting for.
Connections to the Concerns or Contributions of Marginalized Groups
<\/strong>This same research group had actually conducted a very similar study on the same thing using a survey, but had limited sampling. One of the main goals of this study, in particular, was to build upon the previous study, but improve it by using a much larger sample size, that being the students, faculty, and staff from all around a university’s campus. On top of that, they include 8 different demographics for each of their groups and subgroups. These different demographics were for people under 20, people from 20-29, 30-39, 40-49, 50-59, 60+, male, and female. This allows for a much more conclusive study that incorporates many possibilities that may affect their scores. The significant determining factors were then analyzed and compared. They showed \u201cthat self-efficacy impacts both students and employees\u2019 email security behavior while perceived benefits only impact the employees and prior experience only impacts the students\u201d (Du, 2024). It’s suggested that these differences may be due to differences in maturation or experience.
Overall Societal Contributions of the Study\/Conclusion
<\/strong>This study has great contributions to society, especially within the fields of cybersecurity and the social sciences. This study highlights just how big a role human factors like bias and behavior play in understanding and properly implementing security policy, as well as practicing safe security practices. The paper then goes on to suggest that these highlighted factors should, in fact, be focused on during the implementation of such security policies and training. By also highlighting human psychology and societal risk, it is posited that cybersecurity should be much more of a societal issue than just a tech issue, as these technologies have been integrated into our daily lives; for example, emails and their security practices are meaningful to most people in society, not just tech. This paper helps to further advance our understanding of cybersecurity and the social sciences by offering empirical, quantitative data that can be referenced and understood by policymakers and users alike to become safer online. It does this by analysing the factors that actually affect people’s security practices so that experts have an easier and more accurate experience when deciding what’s best in things like policy and security training.<\/p>\n\n\n\n

Reference<\/strong>
Jie Du, Andrew Kalafut, Gregory Schymik, The health belief model and phishing: determinants of preventative security behaviors, Journal of Cybersecurity, Volume 10, Issue 1, 2024, tyae012, https:\/\/doi.org\/10.1093\/cybsec\/tyae012<\/p>\n\n\n\n

<\/p>\n\n\n\n

Article Review #2: Exploring the Psychological Profile of Cybercriminals: A Comprehensive Review for Improved Cybercrime Prevention<\/p>\n\n\n\n

James Dickinson
Department of Cybersecurity, Old Dominion University
CYSE 201S: Cybersecurity and the Social Sciences
Instructor name: Diwakar Yalpi
Date: 4\/16\/2026<\/p>\n\n\n\n

Introduction\/BLUF
<\/strong>The article, Exploring the Psychological Profile of Cybercriminals: A Comprehensive Review for Improved Cybercrime Prevention (Trinh et al., 2025), is an analytical overview of cybercrime, its implications, and possible solutions in prevention. After describing various perspectives along with the background of cybercrime, the authors then go on to analyze 45 different studies in order to analyze the \u201ctypes [of cybersecurity crimes], [the] impacts, and prevention strategies\u201d (Trinh et al., 2025). Despite the title, this article does not go very in-depth into the psychological profile of a cybercriminal; rather, it provides an overview of the crimes, their implications across multiple fields and sectors, and highlights the need for the integration of psychological insight in cybercrime laws.
Relation\/Connection to Social Science Principles
<\/strong>This article is all about the implications cybercrime and cybersecurity have on societies, and with that, principles of social science like determinism and parsimony are centrally included within the core of this article. Determinism is the basis for the analysis of different papers in order to identify determining characteristics of a cybercriminal. Based on their findings, the authors pose that cybercriminals are more likely to be characterized by things like impulsivity and narcissism, which allows people like policymakers to profile criminals in order to prevent potential cybercrimes and be more proactive in general. On top of this, they linked theories such as the deterrence theory, which suggests that people are less likely to commit a crime if the costs outweigh the benefits, to preventative actions regarding cybercrime; this is deterministic at its root. The authors also did a good job of employing empiricism with their screening of studies to use. They screened 1,200 studies and only ended up using 45, implying that they made sure to choose material that was grounded in factual, empirical evidence that could be objectively analyzed and used within the paper. In a similar way, the authors also employed parsimony. With the analysis and summarization of many of the findings within these 45 studies, the authors made use of parsimony in order to present the analytical information of 45 different studies in one conclusive study, allowing the reader to pull information from dozens of sources in just the time it takes to go over one.
Research Question \/Hypothesis\/ Independent Variable\/Dependent Variable
<\/strong>This research article aimed to answer the question, \u2018What are the psychological traits of
Cybercriminals and what are their implications for crime prevention?\u2019 (Trinh et al., 2025). The author implies that understanding cybercriminal behaviors is necessary in developing prevention strategies, implying that cybercriminals exhibit traits like narcissism, impulsivity, and high technical proficiency, and understanding these traits would allow policymakers to create a better foundation for preventative measures. The authors of this article conducted a literature review, screening 1,200 studies and only using 45, in order to examine the independent variable, the psychological traits of cybercriminals. The authors examined these influencing factors and measured how much they shape cybercriminal behavior. After the literature review, the authors would then go on to examine the impacts of cybercrime and discuss the potential prevention and mitigation strategies regarding the impact of security incidents. The dependent variable is the discussed effectiveness of the prevention and mitigation strategies.
Types of Research Methods used
<\/strong>The authors conducted a systematic literature review under PRISMA guidelines and utilized inclusion and exclusion criteria that resulted in the use of 45 studies out of 1,200 screened. The authors also utilized secondary research in their employment of case study analysis.
Types of Data Analysis used
<\/strong>When conducting the review of the 45 studies, the authors analyzed them based on qualitative content, connecting correlations, patterns, and insights from the papers. With this, they also employed a comparative analysis between the 45 studies and their results. The authors then went on to analyze the data via evaluation, determining various prevention and mitigation strategies to address cybercrime.
Connections to other Course Concepts
<\/strong>This research article conducted a systematic literature review of 45 studies; this is an example of archival research. Conducting archival research allowed the authors\/researchers to look over a huge amount of information over a long period of time, which wouldn\u2019t have been possible unless the researchers conducted a years-long case study. The researchers also included the concept of interdisciplinary science in this analysis, as the core idea they were questioning was interdisciplinary. This is because they wanted to connect the psychological traits of cybercriminals to their actions within cyberspace, directly connecting criminal justice, cybersecurity, and psychology. On top of that, the researchers were trying to understand the data with human systems integration in mind, as they were trying to gain a better understanding of the human factor\u2019s (psychology specifically) implications in preventative and mitigatory measures. With this, they tried to understand the profile of a cybercriminal in the beginning through the lens of the psychodynamic theory. Although they never went fully in-depth into the actual profile of a cybercriminal, this idea was certainly a pretense for the article and a basis for the connection between a cybercriminal’s behavior and possible mitigation or prevention methods.
Connections to the Concerns or Contributions of Marginalized Groups
<\/strong>Although the authors didn\u2019t consider many marginalized groups, such as how lower-income families are more likely to experience identity fraud and are often much more affected by it, the authors did consider the current gaps in research regarding marginalized groups, like small and medium-sized enterprises, and the psychological and social impacts related to them. On top of that, in a general sense, existing studies in cybersecurity and cybercrime often suffer from methodological limitations such as sample size and bias. This means that this type of research is inherently unrepresentative of smaller marginalized demographics, which represents a flaw in the studies they analyzed.
Overall Societal Contributions of the Study\/Conclusion
<\/strong>Despite the fact that this article didn\u2019t go very in-depth into the actual psychological profile of a cybercriminal, it did do a good job at synthesizing and analyzing a huge database of studies. This consolidation of knowledge is very useful to students and professionals alike as it allows readers to pull information from many sources, then gain an understanding of possible preventative or mitigatory methods, connecting the studies to actionable insights. The insights were mostly in the form of policy recommendations, which is also quite a boon to policy makers and politically oriented researchers. This paper concludes by overviewing its findings and their relation to future recommendations for an interdisciplinary approach to mitigation and prevention.<\/p>\n\n\n\n

Reference<\/strong>
Trinh, D. T., Dinh, T. C. H., & Tran, T. N. K. (2025). Exploring the psychological profile of
cybercriminals: A comprehensive review for improved cybercrime prevention. International
Journal of Cyber Criminology, 19(1), 114\u2013137.https:\/\/cybercrimejournal.com\/menuscript\/index.php\/cybercrimejournal\/article\/view\/452\/133<\/p>\n","protected":false},"excerpt":{"rendered":"

Article Review #1: The Health Belief Model and Phishing: Determinants of Preventative Security Behaviors James DickinsonDepartment of Cybersecurity, Old Dominion UniversityCYSE 201S: Cybersecurity and the Social SciencesInstructor name: Diwakar YalpiDate: 2\/26\/2026 Introduction\/BLUFThis research paper goes into the determinants of preventative… Continue Reading →<\/a><\/p>\n","protected":false},"author":32004,"featured_media":0,"parent":13,"menu_order":1,"comment_status":"closed","ping_status":"closed","template":"","meta":{"footnotes":""},"_links":{"self":[{"href":"https:\/\/student.wp.odu.edu\/jdick043\/wp-json\/wp\/v2\/pages\/37"}],"collection":[{"href":"https:\/\/student.wp.odu.edu\/jdick043\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/student.wp.odu.edu\/jdick043\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/student.wp.odu.edu\/jdick043\/wp-json\/wp\/v2\/users\/32004"}],"replies":[{"embeddable":true,"href":"https:\/\/student.wp.odu.edu\/jdick043\/wp-json\/wp\/v2\/comments?post=37"}],"version-history":[{"count":4,"href":"https:\/\/student.wp.odu.edu\/jdick043\/wp-json\/wp\/v2\/pages\/37\/revisions"}],"predecessor-version":[{"id":42,"href":"https:\/\/student.wp.odu.edu\/jdick043\/wp-json\/wp\/v2\/pages\/37\/revisions\/42"}],"up":[{"embeddable":true,"href":"https:\/\/student.wp.odu.edu\/jdick043\/wp-json\/wp\/v2\/pages\/13"}],"wp:attachment":[{"href":"https:\/\/student.wp.odu.edu\/jdick043\/wp-json\/wp\/v2\/media?parent=37"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}