This is likely because users automatically respond to requests without considering how they are connected with those sending the requests, how long they have known them, or who else is connected with them, researchers said.
Predictors of habitual use of Facebook include frequent interactions with the platform, a large number of friend connections, and individuals' inability to regulate their social media consumption.
"Social media phishing is the attack vector of choice among cyber criminals and has been implicated in crimes ranging from home invasion to cyber bullying, illegal impersonation of individuals and organisation, and espionage," said Dr Arun Vishwanath, author of the study, from the Department of Communication, University at Buffalo.
"These scams attempt to trick people into accepting friend requests and gathering intel from them. Hence, understanding why individuals fall victim to social media phishing scams is important from an organisational security, law enforcement, and a national security standpoint." Vishwanath said.
Phishing is the attempt to acquire sensitive information such as usernames, passwords, and credit card details by masquerading as a trustworthy entity in an electronic communication.
The study was published in the Journal of Computer-Mediated Communication.