The investments in information security have been increasing globally, however there are still many security leakage incidents. In third quarter of 2014, more than one hundred eighty three million personal and financial information leakage and 95% of information leakage are related to human error. Therefore, further investigation of users’ information security behavior is necessary. Currently, there are many studies of users’ information security behavior, but still, few studies from the perspective of cognitive neuroscience. This study investigates the users’ information security behavior by measuring their brainwave activity while viewing email social engineer messages in an experimental setting. The result shows that a subject’s brainwave is affected by habits, gender, the level of understanding and the EEG power asymmetry of perception in two cerebral hemispheres. Observing the affects to a person’s brainwave from these external informational could be a reference for future information security studies.