New McAfee Study Shows the Psychology Behind the Scam

Internet scams are nothing new, but according to a new study from McAfee, the scams are growing more sophisticated and harder to detect. "Mind Games," shows the psychology behind social engineering scams sent through junk email. The study's primary author, Dr. James Blascovich, Professor of Psychology at the University of California, Santa Barbara, gives computer users an inside look at how cyber criminals use lust, fear and greed to steal personal and financial information.

According to Dr. Blascovich, "Scam spam works best by providing recipients with a sense of familiarity and legitimacy, either by creating the illusion that the email is from a friend or colleague, or providing plausible warnings from a respected institution." One common method that cyber criminals use to steal sensitive information is the use of "phising" emails. "Phish" emails look like they are from reputable and well-known companies such as eBay, Bank of America or Paypal. "Once the victim opens the email, criminals use two basic motivational processes, approach and avoidance, or a combination of the two, to persuade victims to click on dangerous links, provide personal information, or download risky files. By scamming $20 from just half of one percent of the U.S. population, cyber criminals can earn $15 million each day and nearly $5.5 billion in a year, a powerful attraction for skillful scam artists."

When using phishing techniques, the scammers will often tell the user that the security of their account has been breached and encourage them to click on a link in the body of the email. The link will take the user to a fraudulent website that will capture their passwords and bank account numbers. These emails use two techniques, familliarity and fear. Users are led to believe that failure to click on the links will result in extra charges or cancellation of important accounts. While such emails are not a new threat, they are more sophisticated and harder to spot. Fraudulent emails used to contain typograpical errors, grammatical mistakes and poor quality graphics, but the new breed of emails often mimic copy from legitimate websites and can fool all but the most savvy web users.

Greed is often exploited by email scammers targeting users that could fall prey to "get rich quick" schemes. Such emails often promise hot stock tips, pre-approved loans, and winning entries in lotteries or sweepstakes.

In addition to uring vicims through fraudulent emails, popular websites are also the target of scammers. The popular social networking site MySpace was hit in February by scammers that turned legitimate links into links to phishing sites that attempted to lure users into divulging sensitive information.

Scammers also prey on feelings of loneliness or lust with leading email subjects like "Don't Spend Another Lonley Night," or "She's Waiting for You." These emails lead to sites offerning "free trials" with a credit card number.

In spite of the rash of scams on the Internet, there are things that you can do to reduce your chances of being a victim. Do not open an email from anyone you don't know. If you receive an email from a well-known company containing links to change your password or verify your account, do not click on the link. Reputable companies will never ask for personal infornmation like passwords or account number sin an email. If you receive such emails, forward it to the company's security address for further investigation.

Press Release: Cyber Criminals Rely on Mind Games to Scam Internet Users
http://media.prnewswire.com/en/jsp/search.jsp?searchtype=full&option=headlines&resourceid=3501482