CYBER CRIMINALS exploit psychological weaknesses, not just technological flaws, to manipulate victims and make their scams work, two Irish academics said this week.
Andrew Power and Dr Gráinne Kirwan spoke about "innovative exploitation of human behaviour by cyber criminals" in Dún Laoghaire's Institute of Art, Design and Technology on Wednesday. The lecture was based on findings from their upcoming book, The Psychology of Cyber Crime.
Dr Kirwan, who lectures in psychology at the institute, said fraudsters commonly use psychological techniques to draw victims in by first asking for small amounts of information or money. Common cyber crimes include identity theft, online fraud, spreading malicious software, hacking and online child predators.
Another trick is to create an artificial deadline such as asking for “the first 50 applicants” or “click by tonight”, as seen in the scam that emerged on Facebook after Steve Jobs’ death which supposedly offered free iPads, iPhones and MacBooks.
Scammers earned a commission by redirecting users to a designated site, or by compromising the victim’s Facebook account. These tricks let them spread malware or obtain personal information.
“They’re preying on fear and on the fact that people won’t look into all the elements of the decision before they act on it,” said Dr Kirwan.
Criminals can easily make online scams appear plausible by projecting authority through wording and logos people expect to see, she added. Fake e-mails purporting to come from the Revenue Commissioners and written in Irish, for example, show salience and confirmation bias at work.
“We see logos we recognise, the URL looks functional, it has the name of an organisation that we trust. They are salient cues,” she said. “We look for the evidence that supports our hypothesis that this is real, and we tend to ignore any evidence to the contrary.”
The psychological effect of cognitive dissonance comes into play when people act irrationally by responding to a fraudster, or by sending them money. The victim then tries to justify their actions, said Dr Kirwan. “We see it a lot with people like compulsive gamblers who think: ‘I’ll eventually make my money back so I’ll continue’.”
Cyber criminals exploit the anonymity afforded by the internet which removes some people’s inhibitions, making them more likely to do and say things online than they would offline, said Dr Kirwan.
She said people can change their behaviour online by recognising scammers’ tricks. “Pay more attention to the content of the message, who it’s supposed to be from and the link in it.”
