My personality may make me susceptible to phishing

Posted by Jorge Jiménez - 15/10/2018

There’s no question that phishing can be considered the star of the cybercrime world. 

The term comes from “fishing”, because the point of this scam is to “fish” for internet user information. In other words, scammers try to get victims to take the “bait” and provide private data, such as banking information, passwords, personal information, etc. Once they have this data, phishers gain access to bank accounts or private information they can use to rob the owners.

There are different kinds of bait used: emails, text messages or even telephone calls. In a world that is ever more virtual and digital, it’s harder with every passing day to distinguish the real from the fake, copies from the original, news from rumors... and this is the terrain exploited by phishing. However, this type of crime is different from other, “more technological” cybercrimes because it requires some victim collaboration.

Just as in fishing, the presence of bait alone isn’t enough; it has to be the right bait for the type of fish we are hoping to hook. In this case, the phisher has to attract his or her victim, has to use the right bait to make the victim act and fall into the trap, which in cybercrime slang is often called using social engineering. This boils down to influence strategies that make someone act a certain way.

One of the phishing practices most used and most profitable for cybercriminals is so-called banking phishing. It works like this: the victim receives an email that seems to be from their bank. This email generally warns the user about some problem in their bank account, indicating they have to send in certain information or click on an attached link to go to the bank’s website and update certain data.

vulnerable_phishing

When the user enters their private access information what they are really doing is providing this information to the cybercriminal, who can then go onto the bank’s real website, impersonating the customer. As happens with a fish, when the victim realizes that the “fly” they’ve bitten is hiding a hook, it’s too late.

One of the phishing practices most used and most profitable for cybercriminals is so-called banking phishing. It works like this: the victim receives an email that seems to be from their bank. This email generally warns the user about some problem in their bank account, indicating they have to send in certain information or click on an attached link to go to the bank’s website and update certain data.

As a technique for influencing behavior, social engineering is based on a behavior prediction strategy that uses an understanding of Theories of Personality to create bait and hooks that are practical and useful. This leads us to reflect on a study topic that is of tremendous interest in the world of cybercrime: Victimology. Specifically, the study of the personality traits that can play a role in making people victims.

Although there are a good number of studies on the personality traits linked to victimization with regard to “analogical” or traditional crime, when it comes to virtual crime there hasn’t been much investigation on how certain personalities, ways of thinking or behaving may mean that someone is more likely to become a cybercrime victim.

There are essentially two hypotheses in this area. Would you like to know them? Download the complete article.

my_personality_cover

MY PERSONALITY

MAY MAKE ME SUSCEPTIBLE TO PHISHING

Therefore, the personality seems to be clearly related to the possibility of being a victim of a cybercrime, especially the phishing that requires the response and collaboration of the victim.

 

Topics: phishing, fingerprint

 

 

Deep Learning for Online Fraud Prevention


recent posts

The "Flow state": Hacking for hacking’s sake

read more

My personality may make me susceptible to phishing

read more

Cyberprofiling. Above and beyond digital fingerprint comparison.

read more