Close
  • Latest News
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
Read Down
Sign in
Close
Welcome!Log into your account
Forgot your password?
Read Down
Password recovery
Recover your password
Close
Search
Logo
Logo
  • Latest News
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
More
    Home Cybersecurity
    • Cybersecurity

    Why We Click

    By
    Lisa Vaas
    -
    June 27, 2007
    Share
    Facebook
    Twitter
    Linkedin

      Money is the motivation for scam-spam. The motivation for clicking on it is far less straightforward, and none of us is immune.

      “Its not like certain people are going to be nailed by spam all the time. Or that there are certain motivations that will just [always] trigger people [who respond] to spam scams. Its really the interplay between personality and motivation, emotion—all sorts of things,” said Dr. James Blascovich, professor of psychology at UC Santa Barbara and co-director of the universitys Research Center for Virtual Environments and Behavior.

      “Its a little more complex, but not much different from the complex interplay of psychological factors that get people to succumb to any sort of scam.”

      The idea that none of us are immune is the main takeaway from a report titled “Mind Games: A psychological analysis of common e-mail scams,” that Blascovich and McAfee published on June 25.

      While the motivations to click on spam arent much different than those that motivate people to play Three-card Monte, the pool of potential marks—targets of a scam—is far larger on the Internet.

      McAfee, of Santa Clara, Calif., throws around figures like these: If half of the population in the United States (about 150 million people) use e-mail on a daily basis, and if only half of them (75 million) are gullible, and only 1 percent (750,000) buy into scam-spam on a given day, and if those victims were to cough up a mere $20 per scam, the potential market amounts to $15 million a day, or $105 million per week, or nearly $5.5 billion per year in just the United States.

      /zimages/7/179655.jpg

      According to the report, many—or even most—e-mail users think that in addition to installing spam-filtering software tools and tagging suspect e-mail, they can mentally filter spam via subject line. McAfee notes two problems with this assumption: First, users are less likely to tag spam so as to take advantage of filtering tools. “In the short run, it is simply easier to delete a message than to take the time to remember what to do to tag and add it to a spam filter list, even though in the long run, it would save deleting never-ending repetitions of messages from the same source,” the report notes.

      The second problem is that subject lines have simply become more sophisticated, making successful mental filtering tricky even for sophisticated users, according to the report.

      /zimages/7/28571.gifHundreds click on click here to get infected ad. Click here to read more.

      These problems with mental filtering make it more important than ever to recognize the mental games spammers play, said McAfee and Blascovich.

      One of the most obvious psychological characteristics necessary for scam-spam to succeed is naiveté. Among computer-savvy, young e-mail users, naiveté tends to surround legitimate business practices—i.e., the methods with which legitimate companies and organizations conduct business. Business-savvy older people, on the other hand, tend to be less computer savvy and more trustful of apparent, virtual e-businesses than younger people, according to the report.

      Next Page: Manipulating motivation.

      Manipulating Motivation

      Beyond gullibility, lack of intelligence or rationality, there are other psychological factors that trip up e-mail users.

      Manipulating motivational processes of “approach and avoidance” are the most basic tricks spammers employ, according to the report. Scam-spam often attempts to motivate click-throughs via pleasure/positive goals/positive outcomes, via avoidance of negative or unpleasant goals or outcomes, or with a combination of both.

      The researchers give the example of no-effort weight loss guarantees or cant-miss stock tips as examples of “approach” motivation, whereas the danger of a compromised checking account is an example of “avoidance” motivation. Promotion of sexual enhancement products are an example of a play that employs both types of motivation, the researchers say, with the “approach” motivation being a sexual boost and the “avoidance” motivation being getting away with not having to ask a doctor for a prescription.

      Psychologists who study motivation have found that some people are predisposed to either of those two major forms of motivation. Those people predisposed to having their approach motivation piqued, for example, are known as “promotion-focused individuals” who focus on getting ahead, while those prone to avoidance are known as “prevention-focused” and tend to try to avoid falling behind, the report says.

      Beyond motivation, however, scammers must work to overcome skepticism, according to the report. They do so by trying to convince recipients of their legitimacy, which can be garnered via many means, including intimacy/familiarity (“Is it you?” or “Hi from Lenny Cabrera”) or authority (“Must Complete and Submit”).

      Other psychological tricks scam-spam employs include the use of curiosity (“The report says”), freebies (“Unlimited Adobe Downloads”), current affairs (“Mothers Day,” “Valentines Day”), emotion/love/loss (“another week lonely”), auction fraud (“Brighton handbags”), employment scams (“Instant Payouts”), competition winner (“YOU WON”), and embarrassment (“attack obesity,” “VIAGRA”).

      With nobody being immune to this array of mind tricks, how does an enterprise or individual protect itself? By behavioral modification, Blascovich said.

      “People just have to realize there are certain things they should just never, ever, ever do, even when they know a correspondent is absolutely legitimate, because there are people trying to install [keystroke] capture software [or other malware] on peoples computers,” he said.

      Specifically, McAfee recommends users do the following to starve the e-mail scam industry and to protect individuals and organizations:

      • Dont unsubscribe from mail if you dont recognize the sender or company sending the mail.
      • Dont publish your e-mail address on any Web site or discussion forum. If necessary, obfuscate e-mail address: for example, write an e-mail address as “myname at mycompany dot com.”
      • Use a separate e-mail address to sign up for newsletters, online posting and trade shows. If the mailbox gets unwieldy, you can delete it or filter it more aggressively.
      • Use anti-spam software.
      • Dont unsubscribe immediately. After a few weeks, compare the messages you want to unsubscribe from and look for common traits, such as common strings of text that you can use to block further mail.
      • Dont reply to spam.
      • Dont buy anything from spammers.

      Check out eWEEK.coms Security Center for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at eWEEKs Security Watch blog.

      Lisa Vaas
      Lisa Vaas is News Editor/Operations for eWEEK.com and also serves as editor of the Database topic center. Since 1995, she has also been a Webcast news show anchorperson and a reporter covering the IT industry. She has focused on customer relationship management technology, IT salaries and careers, effects of the H1-B visa on the technology workforce, wireless technology, security, and, most recently, databases and the technologies that touch upon them. Her articles have appeared in eWEEK's print edition, on eWEEK.com, and in the startup IT magazine PC Connection. Prior to becoming a journalist, Vaas experienced an array of eye-opening careers, including driving a cab in Boston, photographing cranky babies in shopping malls, selling cameras, typography and computer training. She stopped a hair short of finishing an M.A. in English at the University of Massachusetts in Boston. She earned a B.S. in Communications from Emerson College. She runs two open-mic reading series in Boston and currently keeps bees in her home in Mashpee, Mass.

      MOST POPULAR ARTICLES

      Android

      Samsung Galaxy XCover Pro: Durability for Tough...

      Chris Preimesberger - December 5, 2020 0
      Have you ever dropped your phone, winced and felt the pain as it hit the sidewalk? Either the screen splintered like a windshield being...
      Read more
      Cloud

      Why Data Security Will Face Even Harsher...

      Chris Preimesberger - December 1, 2020 0
      Who would know more about details of the hacking process than an actual former career hacker? And who wants to understand all they can...
      Read more
      Cybersecurity

      Visa’s Michael Jabbara on Cybersecurity and Digital...

      James Maguire - May 17, 2022 0
      I spoke with Michael Jabbara, VP and Global Head of Fraud Services at Visa, about the cybersecurity technology used to ensure the safe transfer...
      Read more
      Cybersecurity

      How Veritas Is Shining a Light Into...

      eWEEK EDITORS - September 25, 2020 0
      Protecting data has always been one of the most important tasks in all of IT, yet as more companies become data companies at the...
      Read more
      Cloud

      Yotascale CEO Asim Razzaq on Controlling Multicloud...

      James Maguire - May 5, 2022 0
      Asim Razzaq, CEO of Yotascale, provides guidance on understanding—and containing—the complex cost structure of multicloud computing. Among the topics we covered:  As you survey the...
      Read more
      Logo

      eWeek has the latest technology news and analysis, buying guides, and product reviews for IT professionals and technology buyers. The site’s focus is on innovative solutions and covering in-depth technical content. eWeek stays on the cutting edge of technology news and IT trends through interviews and expert analysis. Gain insight from top innovators and thought leaders in the fields of IT, business, enterprise software, startups, and more.

      Facebook
      Linkedin
      RSS
      Twitter
      Youtube

      Advertisers

      Advertise with TechnologyAdvice on eWeek and our other IT-focused platforms.

      Advertise with Us

      Menu

      • About eWeek
      • Subscribe to our Newsletter
      • Latest News

      Our Brands

      • Privacy Policy
      • Terms
      • About
      • Contact
      • Advertise
      • Sitemap
      • California – Do Not Sell My Information

      Property of TechnologyAdvice.
      © 2021 TechnologyAdvice. All Rights Reserved

      Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.

      ×