Research problem: During humanitarian crises, communities of people face various types of dangers. To counter the dangers, they need information in a short period. Such need creates the opportunity for misinformation. Such misinformation can result in information harms that can generate short- or long-term consequences. Literature review: Prior researchers have tackled the situation by using technical or behavioral approaches. Research question: What are the harms from misinformation? We propose a taxonomy of 15 information harms grouped in 8 categories and assess the perception of risk regarding the harms through a survey of respondents who have experienced crisis response situations. Methodology: This paper examines two scenarios, the 2013 Boston Marathon bombing and the 2017 Oroville Dam evacuation order crises, through two dimensions: Likelihood of occurrence and Level of impacts of the harms. Results and conclusions: Findings are presented through visualization and test results for significant differences of harms between scenarios. Similar groups of harms are identified with different severity levels based on post hoc analyses: those with 1. high likelihood and low impact (psychological and confusion harms), 2. low likelihood and low impact (reputation and privacy harms), and 3. low likelihood and high impact (physical, financial, safety, and social harms). In addition to establishing the taxonomy of misinformation harms, findings will have practical value in emergency response and recovery activities to effectively prioritize resources to minimize specific harms from misinformation in crises. Further research directions are also discussed.

Research problem: Phishing is an email-based scam where a perpetrator camouflages emails to appear as a legitimate request for personal and sensitive information. Research question: How do individuals process a phishing email, and determine whether to respond to it? Specifically, this study examines how users' attention to “visual triggers” and “phishing deception indicators” influence their decision-making processes and consequently their decisions. Literature review: This paper draws upon the theory of deception and the literature on mediated cognition and learning, including the critical role of attention and elaboration in deception detection. From this literature, we developed a research model to suggest that overall cognitive effort expended in email processing decreases with attention to visual triggers and phishing deception indicators. The likelihood to respond to phishing emails increases with attention to visceral cues, but decreases with attention to phishing deception indicators and cognitive effort. Knowledge of email-based scams increases attention to phishing deception indicators, and directly decreases response likelihood. It also moderates the impact of attention to visceral triggers and that of phishing deception indicators on likelihood to respond. Methodology: Using a real phishing email as a stimulus, a survey of 321 members of a public university community in the Northeast US, who were intended victims of a spear phishing attack that took place, was conducted. The survey used validated measures developed in prior literature for the most part and tested results using the partial least-squares regression. Results and discussion: Our research model and hypotheses were supported by the data except that we did not find that cognitive effort significantly affects response likelihood. The implication of the study is that attention to visceral triggers, attention to phishing deception indicators, and phishing knowledge play critical roles in phishing detection. The limitations of the study were that the data were drawn from students, and the study explored one phishing attack, relied on some single-item measures, cognitive effort measure, and a one-round survey. Future research would examine the impact of a varying degree of urgency and a varying level of phishing deception indicators, and actual victims of phishing attacks.