The Psychology Of Phishing: When Emails Are Dangerous

Have you ever received a suspicious email asking you to take urgent action or share personal information? It was probably a case of phishing, a common modern scam.

In this article we discuss the danger of phishing. As technology evolves, everything adapts and changes with it. Criminal activities are no exception.

Cybercrime is common and takes many forms. For example, there are spyware, adware, worms, Trojan horses, viruses, and so on. One of the most common forms of cybercrime is phishing, where people’s information is stolen via email.

Cybercriminals pretend to be people or companies and send emails telling you to take urgent action and provide certain information.

The emails often seem to come from companies you know or have an account with. They may threaten to close your account. Or they threaten to charge you if you don’t do what the email says.

If you open a malicious file attached to one of these emails, or if you provide certain information (bank details or personal information), they will use it to their advantage. Phishing is an effective way to scam many people at once. Experts estimate that there were nine million phishing attacks in 2019.

This type of scam is easy to identify. However, some cyber criminals are good at tricking people. They play with people’s basic emotions and psychological processes in such a way that you don’t realize you’re being cheated.

Social engineering

Cybercriminals use concepts from sociology and social psychology to design their scams. They usually cater to four different human emotions:

  • greed
  • curiosity
  • pity
  • fear

The combination of these emotions causes people to react almost instinctively. By playing with these four emotions and being aware of different social behaviors, phishing attackers have developed various tactics to get people to reveal sensitive information.

We will now describe the three types of behavior that phishing attackers take advantage of to scam people. The success of these types of attacks, of course, depends on a person’s personal characteristics and their ability to detect suspicious behavior.

Respect for authority

People tend to follow orders or instructions from people in positions of power. In other words, we have a cognitive bias that makes us forget (even momentarily) our own opinion or possible consequences of an action. With fear as the main motivation, we rush to follow the orders of our ‘superiors’.

Phishing attackers can exude authority by impersonating the president of a corporation, a major state-level organization, or a prestigious corporation. They tend to send emails pretending to be large or well-known companies, asking recipients to do something that seems relevant to their business.

Seeing a company name you know gives you a sense of security. As a result, you are more likely to believe that what you read is real.

An example of this type of scam is an email that appears to be from a tax authority. In that email you will be asked to click on a link to get your tax refund. Another example is an email from a company asking to open a file about a “new project.”

A sense of urgency

This manipulation strategy is extremely common, and not just for criminal activity. Marketing companies also use it a lot.

This is about creating a false sense of urgency that pushes the user to decide and act quickly. When attackers use this strategy, they often prey on people’s fear that something bad will happen if they don’t act.

The subject of the email is intended to set off alarm bells for the reader. “Your computer has a virus” or “someone tried to access your account” are some examples.

Another variation is telling you to be the first to do something. For example: “Only the first 50 people who register will receive a prize.” Here, the fear of missing out on an opportunity may lead you to believe the scam without considering other options.

The goal here is to create fear so that you make a hasty and irrational decision. They are counting on your rational mind not having time to question the suspicious aspects of the email that indicate it is a scam.

They also often include words in capital letters and the color red to reinforce that sense of urgency and danger. The problem here is that even if you’re not completely convinced by the message, you could still fall into the trap. That’s because you want to take action in case it’s actually true.

Automatic actions when phishing

During the day you do many things automatically, without being fully aware of it. They are usually the result of experience and repetition.

You activate your autopilot and don’t pay much attention to what you’re doing. For example, you click a large red button that reads “Click Here” instead of a smaller box that reads “Cancel.”

Phishing attackers use this kind of automatic behavior to their advantage. For example, they use it when they ask you to resend an email that appears to have never been sent.

Or take a link that supposedly takes you to a page to unsubscribe or stop receiving emails from a company. All these links are of course fake.

These strategies are effective and dangerous. They seem harmless and they are very similar to things we do all the time. Phishing preys on these tendencies. It hopes to catch us by getting us to do things we normally do and therefore pay less attention to.

Phishing attackers succeed when they get us to overlook the details and make decisions without thinking too much.

How to avoid the phishing trap?

Some people are better than others at identifying these types of scams. However, everyone is a potential victim. If you want to avoid falling victim to these kinds of deceptions, it’s important to be aware of the potential dangers.

Always read the entire email thoroughly. Give it your full attention. If you don’t know the person who sent the email, make sure the email account is genuine.

The main thing is not to react too quickly. Make sure to stop and think about the consequences. Determine if the message is correct. Decide if you think the company or person the email is coming from would send you this type of email.

Take a moment to think about what this email means and look for suspicious signals. If you identify a phishing attack, it is also important to inform the authorities.
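
The cues described above (a trusted name that does not match the sending address, alarm or scarcity wording, a subject in capital letters) can also be checked mechanically before a person reads the message. The following is an added example, not part of the original article; the brand names, domains, phrase list, thresholds and sample messages are constructed assumptions.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed allow-list: brand name -> domains it really sends from (assumption).
KNOWN_SENDERS = {"example bank": {"examplebank.example"},
                 "tax office": {"tax.example"}}

# Urgency and scarcity wording of the kind quoted in the article.
URGENCY = re.compile(
    r"urgent|immediately|act now|account will be closed|has a virus"
    r"|tried to access your account|only the first \d+", re.I)

def phishing_cues(raw):
    """Return the list of cue names found in one raw RFC 5322 message."""
    msg = message_from_string(raw)
    name, addr = parseaddr(msg.get("From", ""))
    domain = addr.rpartition("@")[2].lower()
    subject = msg.get("Subject", "")
    body = msg.get_payload() if not msg.is_multipart() else ""
    cues = []
    # Authority: display name claims a known brand, address domain disagrees.
    for brand, domains in KNOWN_SENDERS.items():
        if brand in name.lower() and not any(
                domain == d or domain.endswith("." + d) for d in domains):
            cues.append("authority-mismatch")
    # Urgency: alarm or scarcity phrases in subject or body.
    if URGENCY.search(subject + "\n" + body):
        cues.append("urgency")
    # Shouting: subject written mostly in capital letters.
    letters = [c for c in subject if c.isalpha()]
    if len(letters) >= 8 and sum(c.isupper() for c in letters) / len(letters) > 0.7:
        cues.append("shouting")
    return cues

# Constructed sample messages (not real mail).
PHISH = ("From: Example Bank Security <alerts@examplebank.example.account-check.test>\n"
         "Subject: URGENT: SOMEONE TRIED TO ACCESS YOUR ACCOUNT\n\n"
         "Confirm your details immediately or your account will be closed.\n")
BENIGN = ("From: Example Bank <news@mail.examplebank.example>\n"
          "Subject: Your monthly statement is ready\n\n"
          "Sign in as usual to view it.\n")

if __name__ == "__main__":
    for label, raw in (("phish", PHISH), ("benign", BENIGN)):
        print(label, phishing_cues(raw))
```

A message that raises no cue is not thereby safe; the check only surfaces the signals a hurried reader tends to miss.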
