this post was submitted on 16 Aug 2023
35 points (100.0% liked)

Technology

37712 readers
280 users here now

A nice place to discuss rumors, happenings, innovations, and challenges in the technology sphere. We also welcome discussions on the intersections of technology and society. If it’s technological news or discussion of technology, it probably belongs here.

Remember the overriding ethos on Beehaw: Be(e) Nice. Each user you encounter here is a person, and should be treated with kindness (even if they’re wrong, or use a Linux distro you don’t like). Personal attacks will not be tolerated.

Subcommunities on Beehaw:


This community's icon was made by Aaron Schneider, under the CC-BY-NC-SA 4.0 license.

founded 2 years ago
MODERATORS
 

Summary

The article discusses 6 personality traits that make people more vulnerable to phishing scams. These traits are:

  • Extroverted: Extroverts tend to be more trusting and less suspicious of others, which makes them more likely to fall for phishing scams.

  • Agreeable: Agreeable people are more likely to be empathetic and want to help others, which can make them more vulnerable to phishing scams that appeal to their emotions.

  • People-pleasing: People-pleasers are more likely to go out of their way to help others, even if it means putting themselves at risk. This can make them more susceptible to phishing scams that demand urgent action.

  • Quick to trust: People who are quick to trust others are more likely to fall for phishing scams, even if the message seems suspicious.

  • Fear of or respect for authority: People who have a strong fear of or respect for authority figures are more likely to be fooled by phishing scams that pose as authority figures.

  • Poor self-control: People with poor self-control are more likely to act impulsively, which can make them more vulnerable to phishing scams that demand immediate action.

The article also provides tips for staying safe from phishing scams, such as:

  • Pause before responding to any suspicious message. Don't click on any links or open any attachments in a message unless you are sure it is from a legitimate source.

  • Investigate the source of the message. Look for misspellings or grammatical errors in the message, which can be a sign of a scam.

  • Think carefully before reacting to the message. Don't feel pressured to act immediately. Take some time to research the company or organization that the message claims to be from.

you are viewing a single comment's thread
view the rest of the comments
[–] towerful@beehaw.org 3 points 1 year ago

I will say that a good scammer will circumvent a lot of the "earning trust" stage.
Through social engineering or just sheer luck, they will catch you at a time when your guard is down and they will manipulate a sense of urgency.

"Hi mom, my phone fell in the toilet and I really need it for work tomorrow. I'm using a friends phone right now, all my bank access was on that phone. I'm so stressed. Can you send me $800 via (dodgy website) so I can buy a new phone and get to work".

Instantly hits on an emotional pressure point. Adds a huge sense of urgency, with good reasons for an untrusted number and a dodgy payment method, and makes it seem difficult to corroborate with the mom's kid.

"Hello, this is your real estate agent. Unfortunately there has been a complication with the purchase of your new house. Due to extra fees, $10,000 needs to be transferred to X by midnight, otherwise the banks will reject the purchase/mortgage/whatever. Sorry for the out-of-hours contacts, I'm currently in (city) on other business and not in the office"

Another hugely stressful scenario. Massive sense of urgency with a disastrous deadline.
People don't buy houses every day, and may not be fully aware of the process. They might take this as an unexpected but legit part of the process.
Obviously, this requires significant social engineering to set the scam up in the first place (knowing someone is buying a house and roughly when). But the payout can be significant.

The biggest piece of advice I can give is:
If someone is applying a sense of urgency on any decision: STOP.
Take a breather, think about the scenario. And then contact "the person/company" via another way through means you research yourself.

If it's on the phone, ask for a case number, Google the company and phone them directly. By text or email, same thing. Find their phone number via Google.
If it is legitimate, an extra 30m isn't going to harm anything. Especially if you say "sorry about that, I wasn't sure if it was a scam or not".