"The researchers say they're at a loss to explain this, allowing it's possible that survey responses about phishing experience may have been skewed by the experience of being phished. They also speculate that users who fell for the phishing scheme might overestimate their knowledge of phishing."
Mr. Dunning and Kruger might have an explanation for this mystery.