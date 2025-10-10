A new peer-reviewed study in the European Journal of Information Systems, finds that people are more likely to miss phishing cues while multitasking, and that timely reminders can improve accuracy.

The research team tested how working memory load — the mental strain from another task — changes a person’s ability to spot bad emails.

When that load increased, detection accuracy dropped. Brief on-screen goal cues nudging people to “watch for phishing” boosted performance, especially on reward-style lures such as prize or refund messages.

The authors ground their experiments in memory-for-goals theory, which explains why attention shifts make the “check this carefully” goal fade in the background.

When attention hops to an email mid-task, the security goal must be re-activated before a person decides what is safe.

Reminders act like a quick primer. They restore the goal at the moment it matters, narrowing the gap caused by mental overload.

The takeaway for workplaces is practical. Security training should reflect real conditions, not quiet labs: teach people to evaluate messages while juggling tasks, with short, well-timed prompts.

Tools that sense busy moments could delay low-priority alerts and surface phishing warnings when users are most distracted.

Policy changes can help too: slow the click path on “reward” claims, highlight sender and link mismatches by default, and give people a simple “verify later” option that saves messages for a calmer review.

