Summary
The article discusses 6 personality traits that make people more vulnerable to phishing scams. These traits are:
Extroverted: Extroverts tend to be more trusting and less suspicious of others, which makes them more likely to fall for phishing scams.
Agreeable: Agreeable people are more likely to be empathetic and want to help others, which can make them more vulnerable to phishing scams that appeal to their emotions.
People-pleasing: People-pleasers are more likely to go out of their way to help others, even if it means putting themselves at risk. This can make them more susceptible to phishing scams that demand urgent action.
Quick to trust: People who are quick to trust others are more likely to fall for phishing scams, even if the message seems suspicious.
Fear of or respect for authority: People who have a strong fear of or respect for authority figures are more likely to be fooled by phishing scams that pose as authority figures.
Poor self-control: People with poor self-control are more likely to act impulsively, which can make them more vulnerable to phishing scams that demand immediate action.
The article also provides tips for staying safe from phishing scams, such as:
Pause before responding to any suspicious message. Don’t click on any links or open any attachments in a message unless you are sure it is from a legitimate source.
Investigate the source of the message. Look for misspellings or grammatical errors in the message, which can be a sign of a scam.
Think carefully before reacting to the message. Don’t feel pressured to act immediately. Take some time to research the company or organization that the message claims to be from.
A nice place to discuss rumors, happenings, innovations, and challenges in the technology sphere. We also welcome discussions on the intersections of technology and society. If it’s technological news or discussion of technology, it probably belongs here.
Remember the overriding ethos on Beehaw: Be(e) Nice. Each user you encounter here is a person, and should be treated with kindness (even if they’re wrong, or use a Linux distro you don’t like). Personal attacks will not be tolerated.
Subcommunities on Beehaw:
This community’s icon was made by Aaron Schneider, under the CC-BY-NC-SA 4.0 license.
Good thing I’m introverted, misanthropic, cynical, and rebellious. Although I do have poor self-control so I still need to be careful
Kind of crazy, but none of these describe me at all.
The key trait here is #4, being quick to trust. Everything else is circumstantial and depends on the phishing attempt.
Other hints that the text could provide:
Nigerian prince isn’t phishing.
It’s just a scam, at least the ones I’ve seen.
Definition of phishing:
Here’s a better example then:
Same deal - why would the bank contact you, and why by email? And why websearching this “trustedbank” shows mostly results with a similar but never identical name?
That said scam and phishing work rather similarly: both prompt you to act against your interests, to the benefit of someone else (who claims to be a third party), offering you either a reward for action or a punishment for inaction. The same scepticism that saves you from one will also save you from another.
Not disagreeing, but the article/study seemed only to be interested in phishing, as a subtype of scamming. Only reason I bothered to mention it.
There are different tactics involved in the Nigerian prince example than in most phishing attempts.
The Nigerian prince scam assumes you are a complete idiot, while most phishing attacks disguise themselves as legitimate stuff and often try to instill a sense of urgency, hoping that you act without having time to stop and think things over.
Package related scams are for instance more common around seasons where people order lots of packages, increasing chances of hitting someone who’s waiting for a package.
I will say that a good scammer will circumvent a lot of the “earning trust” stage.
Through social engineering or just sheer luck, they will catch you at a time when your guard is down and they will manipulate a sense of urgency.
Instantly hits on an emotional pressure point. Adds a huge sense of urgency, with good reasons for an untrusted number and a dodgy payment method, and makes it seem difficult to corroborate with the mom’s kid.
Another hugely stressful scenario. Massive sense of urgency with a disastrous deadline.
People don’t buy houses every day, and may not be fully aware of the process. They might take this as an unexpected but legit part of the process.
Obviously, this requires significant social engineering to set the scam up in the first place (knowing someone is buying a house and roughly when). But the payout can be significant.
The biggest piece of advice I can give is:
If someone is applying a sense of urgency on any decision: STOP.
Take a breather, think about the scenario. And then contact “the person/company” via another way through means you research yourself.
If it’s on the phone, ask for a case number, Google the company and phone them directly. By text or email, same thing. Find their phone number via Google.
If it is legitimate, an extra 30m isn’t going to harm anything. Especially if you say “sorry about that, I wasn’t sure if it was a scam or not”.
I’m surprised curiosity isn’t on that list. Sometimes I think about replying to spam, phishers, etc out of curiosity. I know they’re almost certainly trying to scam me, but… what if I replied? What would happen?
Granted, I have several of the personality traits listed, but I’ve found that curiosity has always been the driving factor when it comes to the temptation to engage with them.
I totally agree with you. They probably missed a few. Thx for adding one more.
Here you go: https://youtu.be/4o5hSxvN_-s
Eeeh, the thing with curiosity is that it’s a double edged sword in that regard. Sure, maybe it makes you more likely to engage… but it also makes you much more likely to investigate. Ask the question “why?”, rather than take things at face value.
I agree with this. I’m curious too, so in my naive youth in the 90s I did things like reply to scammers, invite JWs in to tell me about their religion, and even let a scientologist try to audit me.
Nothing bad happened because I was curious about them, but not relying on them to give me the answers.
Appreciate the summary. Thanks!