Cybercriminals Playing Mind Games With Users - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

IoT
IoT
Business & Finance

Cybercriminals Playing Mind Games With Users

A study shows that spammers and phishers are playing on our biggest fears and our biggest desires.

Think mind games are only for dating and creepy movies?

Think again. According to researchers at McAfee, a new study shows that cybercriminals use psychological games to scam users. In his study, "Mind Games", Dr. James Blascovich, professor of psychology at the University of California, Santa Barbara, focuses on multiple common spam scams and looks at how cybercriminals use fear, greed, and lust to steal personal and financial information.

"Scam spam works best by providing recipients with a sense of familiarity and legitimacy, either by creating the illusion that the e-mail is from a friend or colleague, or providing plausible warnings from a respected institution," Dr. Blascovich wrote. "Once the victim opens the e-mail, criminals use two basic motivational processes, approach and avoidance, or a combination of the two, to persuade victims to click on dangerous links, provide personal information, or download risky files."

He also added that by scamming $20 from just half of 1% of the U.S. population, cybercriminals can earn $15 million each day and nearly $5.5 billion in a year. That rings up to be a powerful attraction for scam artists.

One key to the scammers' success is familiarity, according to Blascovich's study, which was backed up by a similar report that McAfee commissioned. One example is phishing scams, which fraudulently acquire sensitive information, like usernames, passwords, and financial data, by disguising the phony e-mails as being from a familiar or nationally recognized bank, credit card company, or even an online auction site.

McAfee reported in an online release that its Avert Labs researchers discovered that the number of phishing Web sites increased by 784% in the first half of 2007.

Popular sites also are increasingly victimized, according to the Blascovich report. For example, in December 2006, cybercriminals targeted the MySpace site and used a worm to convert legitimate links to one that lured consumers to a phishing site designed specifically to steal personal information.

"Along with the alarming increase in phishing e-mails, we are also seeing more sophisticated messages that can fool all but the most highly trained surfer," said David Marcus, security research and communications manager at McAfee Avert Labs, in a written statement. "While earlier phishing e-mails often included typos, awkward language, and minor graphical mistakes, newer scams appear to be more legitimate, with slicker graphics and copy that closely mirrors the language used by respected institutions."

But scammers aren't just going with feigning familiarity. Some are trying a different tactic -- fear.

Subject lines like "Urgent Security Notification" and "Your billing account records are out of date," make people worry that if they don't respond, they'll get into financial trouble. Other lures, like "Must Complete and Submit" or "You Are Missing Out," are less blatant but similarly trick users into thinking that without taking action, they're going to lose out, the report added.

And, of course, still other scammers take advantage of the lovelorn. Blascovich reported that a subject line like, "Why spend another week lonely?" preys on people who are feeling lonely and insecure. McAfee offers information about phishing scams and other security threats on its Web site.

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Comment  | 
Print  | 
More Insights
State of the Cloud
State of the Cloud
Cloud has drastically changed how IT organizations consume and deploy services in the digital age. This research report will delve into public, private and hybrid cloud adoption trends, with a special focus on infrastructure as a service and its role in the enterprise. Find out the challenges organizations are experiencing, and the technologies and strategies they are using to manage and mitigate those challenges today.
Slideshows
What Digital Transformation Is (And Isn't)
Cynthia Harvey, Freelance Journalist, InformationWeek,  12/4/2019
Commentary
Watch Out for New Barriers to Faster Software Development
Lisa Morgan, Freelance Writer,  12/3/2019
Commentary
If DevOps Is So Awesome, Why Is Your Initiative Failing?
Guest Commentary, Guest Commentary,  12/2/2019
Register for InformationWeek Newsletters
Video
Current Issue
Getting Started With Emerging Technologies
Looking to help your enterprise IT team ease the stress of putting new/emerging technologies such as AI, machine learning and IoT to work for their organizations? There are a few ways to get off on the right foot. In this report we share some expert advice on how to approach some of these seemingly daunting tech challenges.
White Papers
Slideshows
Twitter Feed
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.
Sponsored Video
Flash Poll