Scam victim psychology: What makes you vulnerable?
Posted on 01 December 2009.
"Understanding scam victims: seven principles for systems security" is a paper by Frank Stajano, an associate professor with the Computer Laboratory of the University of Cambridge, and Paul Wilson, producer and star of "The Real Hussle", a BBC TV show that demonstrates and analyses how real-life cons are perpetrated.

The two of them teamed up to show how "the success of many attacks on computer systems can be traced back to the security engineers not understanding the psychology of the system users they meant to protect." They maintain that there are some patterns that remain the same with offline and online hustles, some victim behaviors that mirror each other.

They assert that human element is very often the weakest link when it comes to protecting a system, and that security engineers should delve into the victim psychology to prevent their end user from becoming one.

The paper is divided in two parts. The first one consists of a dozen of scam scenarios that have been documented for the aforementioned TV show. The second part focuses on lessons that can be drawn and principles that can be learned from them:

1. The Distraction principle - While you are distracted by what retains your interest, hustlers can do anything to you and you won’t notice.

2. The Social Compliance principle - Society trains people not to question authority. Hustlers exploit this “suspension of suspiciousness” to make you do what they want.

3. The Herd principle - Even suspicious marks will let their guard down when everyone next to them appears to share the same risks. Safety in numbers? Not if they’re all conspiring against you.

4. The Dishonesty principle - Anything illegal you do will be used against you by the fraudster, making it harder for you to seek help once you realize you’ve been had.

5. The Deception principle - Things and people are not what they seem. Hustlers know how to manipulate you to make you believe that they are.

6. The Need and Greed principle - Your needs and desires make you vulnerable. Once hustlers know what you really want, they can easily manipulate you.

7. The Time principle - When you are under time pressure to make an important choice, you use a different decision strategy. Hustlers steer you towards a strategy involving less reasoning.

Of course, in the paper all these principles are extensively explained and examples are given that show the validity of their reasoning. The entire paper is extremely interesting. Read it to gain some knowledge into the psychological mechanisms that could make you and others victims of real-world and online scams, because - knowledge is power.






Spotlight

Targeted attack protection via network topology alteration

Posted on 17 October 2014.  |  This article from Trend Micro tackles how network topology can aid in defending the enterprise network from risks posed by targeted attacks.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Mon, Oct 20th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //