Cyber Security for Employees – Persuasion

Technology may be the first line of defense . . . but technology alone cannot keep us safe.

Technology solutions like anti-spam, anti-virus and malware protection catch the majority of threats, but when there are millions of threats every minute some are going to make it to your inbox. That’s why you and your skepticism are absolutely vital in the ongoing battle against cybercrime.

When our defenses are up, we are good at spotting a scam, but when we do get fooled, the scam usually relies on one of seven principles. Although these hustle principles are rooted in the real world, they work in cyberspace as well.

 

The principles*

  • Distraction principle. While you are distracted by what retains your interest, hustlers can do anything to you and you won’t notice.
  • Social Compliance principle. Society trains people not to question authority. Hustlers exploit this “suspension of suspiciousness” to make you do what they want.
  • Herd principle. Even suspicious marks will let their guard down when everyone next to them appears to share the same risks. Safety in numbers? Not if they’re all conspiring against you.
  • Dishonesty principle. Your larceny is what hooks you initially. Thereafter, anything illegal you do will be used against you by the fraudster.
  • Deception principle. Things and people are not what they seem. Hustlers know how to manipulate you to make you believe that they are.
  • Need and Greed principle. Your needs and desires make you vulnerable. Once hustlers know what you really want, they can easily manipulate you.
  • Time principle. When you are under time pressure to make an important choice, you use a different decision strategy. Hustlers steer you towards one involving less reasoning.
  • Let’s add one more: the Guilt principle. The hustler guilts you into doing something. This is often seen in requests for money for a seemingly worthy cause, where refusing would make you seem stingy or unsympathetic.

*Excerpted from “Understanding scam victims: seven principles for systems security” by Frank Stajano and Paul Wilson, University of Cambridge Computer Laboratory (www.cl.cam.ac.uk/users/fms27); The Real Hustle (www.bbc.co.uk/realhustle/meetthehustlers/paulwilson.shtml).

The scams

  • Distraction principle. Any number of phishing attempts provide details that distract you. These scams also use another principle like Deception or Need and Greed. Be wary of any email that you receive asking for information or action. Words like “urgent,” “suspension,” “compromised,” “refused,” “unable” and “immediate” should be a red flag and prompt you to research the authenticity of the message. If you have any doubts, call the provider. Any reputable firm will encourage and support your inquiry.
  • Social Compliance principle. “CEO fraud,” e-mail scams in which the attacker spoofs a message from the boss and tricks someone at the organization into wiring funds to the fraudsters. The FBI estimates these scams have cost organizations more than $2.3 billion in losses over the past three years.
  • Herd principle. Seen on auction and social media sites like eBay and Facebook, where someone’s identity is stolen and the hacker counts on the user’s and the community’s credibility to evade detection. Hacked Facebook and other social profiles are used to send phishing emails and links. Stolen eBay accounts are used to fraudulently buy or sell items.
  • Dishonesty principle. Sites offering prescription drugs without a prescription, or sex sites, can lure people with promises of obtaining the illegal or illicit. Often people who have been scammed in this manner will not report it for fear that their involvement was illegal.
  • Deception principle. The impostors are masters of looking like your bank, credit card company or another financial institution. In email, they will embed links for accessing your account and forward you to a fake site. Online, their fake site will look just like the real one and the only way to tell is by carefully inspecting the domain name after the http://.
  • Need and Greed principle. If it is too good to be true, it’s a scam. Often these types will entice you with something for nothing. Scams like the Nigerian fraud or free pornography have hijacked many computers and brought financial loss and embarrassment to many.
  • Time principle. Many scams use a time-is-of-the-essence approach to force the victim into a reaction. Messages such as “your account has been suspended,” “immediate attention needed” or “need funds immediately” should always be a red flag.
  • Let’s add one more: the Guilt principle. Unfortunately, there are many copycat organizations seeking money for children with cancer, hunger, homelessness or other worthy causes. If you want to check the legitimacy and efficiency of a nonprofit, go to guidestar.org or charitynavigator.org.
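
The two checks described in the Distraction and Deception items, as an added example that is not part of the original article: it looks for the red-flag words listed above and reads the real host of every link, which is the part to inspect after the http://. The message, the domain names (reserved .example names) and the function names are constructed for illustration.

```python
import re
from urllib.parse import urlsplit

# Red-flag words taken from the Distraction item above.
RED_FLAGS = ("urgent", "suspension", "compromised", "refused", "unable", "immediate")

def link_host(url):
    """Return the host a link really goes to: no scheme, no user@ prefix, no port, no path."""
    return (urlsplit(url).hostname or "").lower().rstrip(".")

def host_matches(host, trusted_domain):
    """True only if host is the trusted domain itself or a subdomain of it."""
    trusted = trusted_domain.lower()
    return host == trusted or host.endswith("." + trusted)

def triage(body, trusted_domain):
    """Return the reasons a message deserves a second look before anyone clicks."""
    findings = []
    words = set(re.findall(r"[a-z]+", body.lower()))
    hits = [w for w in RED_FLAGS if w in words]
    if hits:
        findings.append("pressure words: " + ", ".join(hits))
    for url in re.findall(r"https?://[^\s<>\"']+", body):
        host = link_host(url)
        if not host_matches(host, trusted_domain):
            findings.append(f"link goes to {host}, not {trusted_domain}")
    return findings

# Constructed sample message. The first two links only look like the bank:
# the trusted name appears before an "@" or as a prefix of someone else's domain.
SAMPLE = (
    "URGENT: your account has been compromised. Sign in at "
    "http://yourbank.example@login.attacker.example/verify or "
    "http://yourbank.example.attacker.example/ within 24 hours. "
    "Help: https://www.yourbank.example/support"
)

if __name__ == "__main__":
    for reason in triage(SAMPLE, "yourbank.example"):
        print(reason)
```

An empty result does not mean the message is safe; it only means none of these particular warning signs were found.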

If you see something suspicious, report it by calling us at our HelpDesk 770 662-0312 or email HelpDesk@lansystems.com.

About Mary

Mary is the CEO of LAN Systems. She is an electrical engineer who feels her greatest strength is the ability to connect with people. LAN Systems provides IT managed services and solutions to growing companies and non-profit organizations. You can contact Mary at mary@lansystems.com.
