{"id":12690,"date":"2019-01-24T05:10:50","date_gmt":"2019-01-24T10:10:50","guid":{"rendered":"https:\/\/me-en.kaspersky.com\/blog\/phishing-psychology\/12690\/"},"modified":"2020-04-08T21:53:12","modified_gmt":"2020-04-08T17:53:12","slug":"phishing-psychology","status":"publish","type":"post","link":"https:\/\/me-en.kaspersky.com\/blog\/phishing-psychology\/12690\/","title":{"rendered":"Spear phishing psychology"},"content":{"rendered":"<p>When speaking about vulnerabilities, we generally mean coding errors and weaknesses in information systems. However, other vulnerabilities exist right in a potential victim\u2019s head.<\/p>\n<p>It\u2019s not a question of lack of awareness or neglect of cybersecurity \u2014 the way to deal with those problems is more or less clear. No, it\u2019s just that the user\u2019s brain sometimes functions a little differently than IT security gurus would like, under the influence of <a target=\"_blank\" href=\"https:\/\/encyclopedia.kaspersky.com\/glossary\/social-engineering\/?utm_source=kdaily&amp;utm_medium=blog&amp;utm_campaign=termin-explanation\" rel=\"noopener noreferrer\">social engineering<\/a>.<\/p>\n<p>Social engineering is essentially a fusion of sociology and psychology. It is a set of techniques for creating an environment that leads to a predetermined result.  By playing on people\u2019s fears, emotions, feelings, and reflexes, cybercriminals can gain access to useful information. And it is largely this \u201cscience\u201d that lies at the heart of most of today\u2019s targeted attacks.<\/p>\n<p>Four main feelings that scammers prey on:<\/p>\n<ul>\n<li>Curiosity<\/li>\n<li>Pity<\/li>\n<li>Fear<\/li>\n<li>Greed<\/li>\n<\/ul>\n<p>It wouldn\u2019t be right to call them <em>vulnerabilities<\/em>; they are simply natural human emotions. 
Perhaps a more apt description would be \u201cchannels of influence\u201d through which manipulators try to sway their victims, ideally in such a way that the brain is actuated automatically, without the application of critical thinking. To achieve this, cybercriminals have plenty of tricks up their sleeve. Sure, some ploys work better on some people than others. But we decided to take a look at a few of the most common, and explain exactly how they are used.<\/p>\n<h2>Respect for authority<\/h2>\n<p>This is one of the so-called <a target=\"_blank\" href=\"https:\/\/en.wikipedia.org\/wiki\/Cognitive_bias\" rel=\"noopener noreferrer nofollow\">cognitive biases<\/a> \u2014 systematic patterns of deviation in behavior, perception, and thinking. It is rooted in the inclination to unquestioningly obey those with some degree of experience or power, ignoring one\u2019s own judgments about the expediency of such action.<\/p>\n<p>In practice, it might be a phishing e-mail supposedly from your boss. Naturally, if the message told you to film yourself twerking and send the video to ten friends, you might think twice. But if your supervisor is asking you to read some new project documentation, you might be more disposed to click on the attachment.<\/p>\n<h3>Time pressure<\/h3>\n<p>One of the most frequent psychological manipulation techniques is to create a sense of urgency. When making an informed, rational decision, it\u2019s usually a good idea to examine the relevant information in detail. And that takes time. It is this precious commodity that scammers try to deny their victims.<\/p>\n<p>Manipulators arouse fear (\u201cAn attempt was made to access your account. If this was not you, click this link immediately\u2026\u201d) or hunger for easy money (\u201cOnly the first ten clickers get the discount, don\u2019t miss out\u2026\u201d). 
When the clock appears to be ticking, the probability of succumbing to instinct and making an emotional decision instead of a rational one is greatly increased.<\/p>\n<p>Messages that shout \u201curgent\u201d and \u201cimportant\u201d are in this category. Relevant words are often highlighted red, the color of danger, to heighten the effect.<\/p>\n<h3>Automatisms<\/h3>\n<p>In psychology, automatisms are actions taken without the direct involvement of the conscious mind. Automatisms can be primary (innate, not considered) or secondary (no longer considered, having passed through consciousness). Further still, automatisms are categorized as motor, speech, or mental.<\/p>\n<p>Cybercriminals try to trigger automatisms when sending messages that in some recipients might produce an automatic response. These include \u201cFailed to deliver e-mail, click to resend\u201d-type messages, annoying newsletters with a temptingly large \u201cUnsubscribe\u201d button, and fake notifications about new comments in social networks. The reaction in this case is the result of secondary motor and mental automatisms.<\/p>\n<h3>Unexpected revelations<\/h3>\n<p>This is another, fairly common type of manipulation. It exploits the fact that information packaged as an honest admission is perceived less critically than if it were discovered independently.<\/p>\n<p>In practice, this might be a message such as: \u201cWe regret to inform you that we have suffered a password leak. Please check to see if you are in the list of those affected.\u201d<\/p>\n<h3>What to do<\/h3>\n<p>Perception distortions, which unfortunately play into the hands of cybercriminals, are biological. They appeared during the brain\u2019s evolution to help us adapt to the world and save time and energy. In large part, the distortions arise out of a lack of critical-thinking skills, and many adaptations are ill-suited to modern realities. 
But never fear, manipulation can be resisted by knowing a bit about the human psyche, and following a few simple tips:<\/p>\n<ol>\n<li>Make it a rule to read messages from higher-ups with a critical eye. Why is your boss asking you to open a password-protected archive and sending the key in the same e-mail? Why would a manager with account access ask you to transfer money to a new partner? Why would anyone assign a nonstandard task by e-mail instead of by phone as usual? If something looks odd, clarify things using a different communication channel.<\/li>\n<li>Don\u2019t react immediately to messages demanding urgent action. Stay cool, even if the content of the message has got you shaking. Be sure to check the sender, domain, and link before clicking anything. If still in doubt, get in touch with IT.<\/li>\n<li>If you notice a tendency on your part to automatically respond to some types of messages, try to run through your typical sequence of actions, but consciously. This can help to de-automatize your response \u2014 the key is to activate the conscious mind at the right moment.<\/li>\n<li>Remember our previous tips on how to avoid phishing bait:\n<ul>\n<li><a target=\"_blank\" href=\"https:\/\/www.kaspersky.com\/blog\/what-is-spearphishing\/20412\/\" rel=\"noopener noreferrer nofollow\">How to recognize spear phishing<\/a><\/li>\n<li><a target=\"_blank\" href=\"https:\/\/www.kaspersky.com\/blog\/phishing-ten-tips\/10550\/\" rel=\"noopener noreferrer nofollow\">10 antiphishing tips<\/a><\/li>\n<\/ul>\n<\/li>\n<li>Use security solutions with reliable antiphishing technologies. Most intrusion attempts, in this case, will fall at the first hurdle.<\/li>\n<\/ol>\n","protected":false},"excerpt":{"rendered":"<p>Many vulnerabilities exist in the mind. How to neutralize them. 
<\/p>\n","protected":false},"author":2499,"featured_media":12691,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[1318,1917],"tags":[2006,76,2010,489,984],"class_list":{"0":"post-12690","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-business","8":"category-smb","9":"tag-human-factor","10":"tag-phishing","11":"tag-psychology","12":"tag-social-engineering","13":"tag-spear-phishing"},"hreflang":[{"hreflang":"en-ae","url":"https:\/\/me-en.kaspersky.com\/blog\/phishing-psychology\/12690\/"},{"hreflang":"en-in","url":"https:\/\/www.kaspersky.co.in\/blog\/phishing-psychology\/15112\/"},{"hreflang":"en-us","url":"https:\/\/usa.kaspersky.com\/blog\/phishing-psychology\/17038\/"},{"hreflang":"en-gb","url":"https:\/\/www.kaspersky.co.uk\/blog\/phishing-psychology\/15225\/"},{"hreflang":"es-mx","url":"https:\/\/latam.kaspersky.com\/blog\/phishing-psychology\/13978\/"},{"hreflang":"es","url":"https:\/\/www.kaspersky.es\/blog\/phishing-psychology\/17724\/"},{"hreflang":"it","url":"https:\/\/www.kaspersky.it\/blog\/phishing-psychology\/16822\/"},{"hreflang":"ru","url":"https:\/\/www.kaspersky.ru\/blog\/phishing-psychology\/22140\/"},{"hreflang":"tr","url":"https:\/\/www.kaspersky.com.tr\/blog\/phishing-psychology\/5628\/"},{"hreflang":"x-default","url":"https:\/\/www.kaspersky.com\/blog\/phishing-psychology\/25440\/"},{"hreflang":"fr","url":"https:\/\/www.kaspersky.fr\/blog\/phishing-psychology\/11377\/"},{"hreflang":"pt-br","url":"https:\/\/www.kaspersky.com.br\/blog\/phishing-psychology\/11405\/"},{"hreflang":"pl","url":"https:\/\/plblog.kaspersky.com\/phishing-psychology\/10278\/"},{"hreflang":"de","url":"https:\/\/www.kaspersky.de\/blog\/phishing-psychology\/18407\/"},{"hreflang":"ja","url":"https:\/\/blog.kaspersky.co.jp\/phishing-psychology\/22315\/"},{"hreflang":"nl","url":"https:\/\/www.kaspersky.nl\/blog\/p
hishing-psychology\/23750\/"},{"hreflang":"ru-kz","url":"https:\/\/blog.kaspersky.kz\/phishing-psychology\/17846\/"},{"hreflang":"en-au","url":"https:\/\/www.kaspersky.com.au\/blog\/phishing-psychology\/21995\/"},{"hreflang":"en-za","url":"https:\/\/www.kaspersky.co.za\/blog\/phishing-psychology\/21932\/"}],"acf":[],"banners":"","maintag":{"url":"https:\/\/me-en.kaspersky.com\/blog\/tag\/human-factor\/","name":"human factor"},"_links":{"self":[{"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/posts\/12690","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/users\/2499"}],"replies":[{"embeddable":true,"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/comments?post=12690"}],"version-history":[{"count":11,"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/posts\/12690\/revisions"}],"predecessor-version":[{"id":16325,"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/posts\/12690\/revisions\/16325"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/media\/12691"}],"wp:attachment":[{"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/media?parent=12690"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/categories?post=12690"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/tags?post=12690"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}