Cybercriminals Playing Mind Games With Users - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Business & Finance

Cybercriminals Playing Mind Games With Users

A study shows that spammers and phishers are playing on our biggest fears and our biggest desires.

Think mind games are only for dating and creepy movies?

Think again. According to researchers at McAfee, a new study shows that cybercriminals use psychological games to scam users. In his study, "Mind Games", Dr. James Blascovich, professor of psychology at the University of California, Santa Barbara, focuses on multiple common spam scams and looks at how cybercriminals use fear, greed, and lust to steal personal and financial information.

"Scam spam works best by providing recipients with a sense of familiarity and legitimacy, either by creating the illusion that the e-mail is from a friend or colleague, or providing plausible warnings from a respected institution," Dr. Blascovich wrote. "Once the victim opens the e-mail, criminals use two basic motivational processes, approach and avoidance, or a combination of the two, to persuade victims to click on dangerous links, provide personal information, or download risky files."

He also added that by scamming $20 from just half of 1% of the U.S. population, cybercriminals can earn $15 million each day and nearly $5.5 billion in a year. That rings up to be a powerful attraction for scam artists.

One key to the scammers' success is familiarity, according to Blascovich's study, which was backed up by a similar report that McAfee commissioned. One example is phishing scams, which fraudulently acquire sensitive information, like usernames, passwords, and financial data, by disguising the phony e-mails as being from a familiar or nationally recognized bank, credit card company, or even an online auction site.

McAfee reported in an online release that its Avert Labs researchers discovered that the number of phishing Web sites increased by 784% in the first half of 2007.

Popular sites also are increasingly victimized, according to the Blascovich report. For example, in December 2006, cybercriminals targeted the MySpace site and used a worm to convert legitimate links to one that lured consumers to a phishing site designed specifically to steal personal information.

"Along with the alarming increase in phishing e-mails, we are also seeing more sophisticated messages that can fool all but the most highly trained surfer," said David Marcus, security research and communications manager at McAfee Avert Labs, in a written statement. "While earlier phishing e-mails often included typos, awkward language, and minor graphical mistakes, newer scams appear to be more legitimate, with slicker graphics and copy that closely mirrors the language used by respected institutions."

But scammers aren't just going with feigning familiarity. Some are trying a different tactic -- fear.

Subject lines like "Urgent Security Notification" and "Your billing account records are out of date," make people worry that if they don't respond, they'll get into financial trouble. Other lures, like "Must Complete and Submit" or "You Are Missing Out," are less blatant but similarly trick users into thinking that without taking action, they're going to lose out, the report added.

And, of course, still other scammers take advantage of the lovelorn. Blascovich reported that a subject line like, "Why spend another week lonely?" preys on people who are feeling lonely and insecure. McAfee offers information about phishing scams and other security threats on its Web site.

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Comment  | 
Print  | 
More Insights
The State of Cloud Computing - Fall 2020
The State of Cloud Computing - Fall 2020
Download this report to compare how cloud usage and spending patterns have changed in 2020, and how respondents think they'll evolve over the next two years.
2021 Outlook: Tackling Cloud Transformation Choices
Joao-Pierre S. Ruth, Senior Writer,  1/4/2021
Enterprise IT Leaders Face Two Paths to AI
Jessica Davis, Senior Editor, Enterprise Apps,  12/23/2020
10 IT Trends to Watch for in 2021
Cynthia Harvey, Freelance Journalist, InformationWeek,  12/22/2020
Register for InformationWeek Newsletters
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you.
White Papers
Twitter Feed
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.
Sponsored Video
Flash Poll