Abstract

Social engineering is a form of psychological exploitation in which scammers skillfully manipulate human weaknesses and carry out emotional attacks on innocent people. This study examined the contents of 100 phishing e-mails and 100 advance-fee-scam e-mails, and evaluated the persuasion techniques exploited by social engineers for their illegal gains. The analyses showed that alert and account verification were the two primary triggers used to raise the attention of phishing e-mail recipients. These phishing e-mails typically followed up with a threatening tone conveyed through urgency. In advance-fee e-mails, timing is a lesser concern; potential monetary gain is the main trigger. Business proposals and large unclaimed funds were the two most common incentives used to lure victims. The study revealed that social engineers combine positively and negatively framed statements with authoritative and urgent persuasion to influence innocent people's decisions to respond. Since it is highly unlikely that online fraud will ever be completely eliminated, the most important strategy for combating social engineering attacks is to educate the public on potential threats from perpetrators.

Highlights

  • The notion of social engineering has appeared recently in the study of online fraudulent activities (Blommaert & Omoniyi, 2006; Holt & Graves, 2007; Huang & Brockman, 2011; King & Thomas, 2009; Mann, 2008; Ross, 2009; Workman, 2008; Zook, 2007).

  • To examine the deceptive operations and techniques used in phishing and advance-fee e-mails, the study collected a sample of 200 fraudulent e-mails related to the two types of scam.

  • The top three triggers used by scammers were: alert, warning, attention (18%); account verification (18%); and invalid login attempts (17%).


Summary

Introduction

The notion of social engineering has appeared recently in the study of online fraudulent activities (Blommaert & Omoniyi, 2006; Holt & Graves, 2007; Huang & Brockman, 2011; King & Thomas, 2009; Mann, 2008; Ross, 2009; Workman, 2008; Zook, 2007). This stream of research has centered on the exploitive nature of deceptive communications employed by social engineers in the commission of fraudulent acts. The study, focusing on online fraud, will show that social engineers are able to exploit human weaknesses to obtain desired behaviors and privileged information via psychologically constructed communications. These fraudsters can skillfully manipulate victims into an emotionally vulnerable state with a disguised, attractive e-mail.

