Social engineering is a psychological exploitation which scammers use to skillfully manipulate human weaknesses and carry out emotional attacks on innocent people. This study examined the contents of 100 phishing e-mails and 100 advance-fee-scam e-mails, and evaluated the persuasion techniques exploited by social engineers for their illegal gains. The analyses showed that alert and account verification were the two primary triggers used to raise the attention of phishing e-mail recipients. These phishing e-mails were typically followed by a threatening tone via urgency. In advance-fee e-mails, timing is a lesser concern; potential monetary gain is the main trigger. Business proposals and large unclaimed funds were the two most common incentives used to lure victims. The study revealed that social engineers use statements in positive and negative manners in combination with authoritative and urgent persuasions to influence innocent people on their decisions to respond. Since it is highly unlikely that online fraud will ever be completely eliminated, the most important strategy that can be directed to combat social engineering attacks is to educate the public on potential threats from perpetrators.
This chapter examines the gaps that arise between reactive social control systems and proactive technology systems. The authors further link these gaps to cybercrime patterns and growth, by a theoretical framework that depicts the role that cybercrime plays in different gaps. This further suggests a typology of cybercrime, based on instrumental vs. expressive differences between offenses. Recent and emerging criminal activities and formal and informal control responses are reviewed and evaluated to illustrate this cybercrime framework and typology. The result is proactive strategies that can help prevent cybercrime from occurring in the disjoints between social and technical systems.
This chapter examines the gaps that arise between reactive social control systems and proactive technology systems. The authors further link these gaps to cybercrime patterns and growth, by a theoretical framework that depicts the role that cybercrime plays in different gaps. This further suggests a typology of cybercrime, based on instrumental vs. expressive differences between offenses. Recent and emerging criminal activities and formal and informal control responses are reviewed and evaluated to illustrate this cybercrime framework and typology. The result is proactive strategies that can help prevent cybercrime from occurring in the disjoints between social and technical systems.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.