Abstract
Social engineering is a psychological exploitation which scammers use to skillfully manipulate human weaknesses and carry out emotional attacks on innocent people. This study examined the contents of 100 phishing e-mails and 100 advance-fee-scam e-mails, and evaluated the persuasion techniques exploited by social engineers for their illegal gains. The analyses showed that alert and account verification were the two primary triggers used to raise the attention of phishing e-mail recipients. These phishing e-mails were typically followed by a threatening tone via urgency. In advance-fee e-mails, timing is a lesser concern; potential monetary gain is the main trigger. Business proposals and large unclaimed funds were the two most common incentives used to lure victims. The study revealed that social engineers use statements in positive and negative manners in combination with authoritative and urgent persuasions to influence innocent people on their decisions to respond. Since it is highly unlikely that online fraud will ever be completely eliminated, the most important strategy that can be directed to combat social engineering attacks is to educate the public on potential threats from perpetrators.
Highlights
The notion of social engineering has appeared recently in the study of online fraudulent activities (Blommaert & Omoniyi, 2006; Holt & Graves, 2007; Huang & Brockman, 2011; King & Thomas, 2009; Mann, 2008; Ross, 2009; Workman, 2008; Zook, 2007)
To examine the deceptive operations and techniques used in phishing and advance-fee e-mails, the study has collected a sample of 200 fraudulent e-mails related to the two types of scam
The top three triggers used by scammers were: alert, warning, attention (18%); account verification (18%); and invalid login attempts (17%)
Summary
The notion of social engineering has appeared recently in the study of online fraudulent activities (Blommaert & Omoniyi, 2006; Holt & Graves, 2007; Huang & Brockman, 2011; King & Thomas, 2009; Mann, 2008; Ross, 2009; Workman, 2008; Zook, 2007) This stream of research has centered on the exploitive nature of deceptive communications employed by social engineers in the commission of fraudulent acts. The study, focusing on online fraud, will show that social engineers are able to exploit human weaknesses to obtain desired behaviors and privilege information via psychologically constructed communications These fraudsters can skillfully manipulate victims into an emotionally vulnerable state with a disguised, attractive e-mail
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
