We present a lab-in-the-field experiment to demonstrate how individual behavior in the lab predicts their ability to identify phishing attempts. Using the business and finance staff members from a large public university in the U.S., we find that participants who are intolerant of risk, more curious, and less trusting commit significantly more errors when evaluating interfaces. We also replicate prior results on demographic correlates of phishing vunerability, including age, gender, and education level. Our results suggest that behavioral characteristics such as risk attitude intolerance to risk, curiosity, and trust can be used to predict individual ability to identify phishing interfaces.