Seven 'Weaknesses' Criminals Use Online to Exploit You
What makes a con work? Human nature. By applying psychology, criminals achieve predictable results most of the time. High-tech giant Cisco's recently released annual security report contains a breakdown of "seven deadly weaknesses" that make us particularly susceptible to criminal persuasions (the Dilbert brigade at your office, when they give you the "employee risk management" speech, probably will refer to this give-and-take between con and mark as "social engineering"). Sadly, many impulses the bad guys play on are good ones -- and so, perhaps it's best to keep in mind that on the Internet, the virtuous are targets for victimhood.Adapted (rather freely) from Cisco's list:
1. Sex appeal
even Thai hookers are doing it. Here's a visual example on Sophos' Naked Security blog.
Think how marketers abuse the word "free" on the Internet. When you see "free" online, read every grain of fine print you can find, lest you be signed up for the dreaded "free trial" you will forget to cancel (and with the fine print that says your credit card will continue to be charged in exponential increments until you self-amputate an arm and overnight it to some address in Delaware). What else can possibly explain the continuing success of Nigerian 4-1-9 scams and their multiplying offspring, other than the principle greed twists eternal in the human breast?
"You have been chosen!" Or perhaps "You've won a free trial!" which contains a double whammy -- see above. Arguably, you could even throw in the old "supplies are limited, act now" hook, since there's a feeling of exclusive exhilaration when you, yes you, are able to get your commemorative "Ghost of Elvis Visits the 9/11 Memorial" plate ahead of all the other losers.
Not necessarily a bad thing, of course, but certainly a deciding factor in many electronic scams. Think of the recent (and recurring) UPS and DHL schemes, which in turn have their own permutations -- one a variant of the Nigerian 4-1-9 con, another playing on the trusted brand names, and that's just two of many. Also the main psychological engine at work behind scareware.
Cisco gives as its example the lazy consumer who simply clicks on a link sent in an email that may or may not be from his bank, rather than actually call or take some other measure to verify. Let's make it a bit more general and say, anyone who fails to do homework on any kind of Internet transaction is lazy. For heavens' sake, just use a search engine and type in a salient word in question followed by the terms "scam" or "rip-off" and see if anything interesting comes up. If you don't do that, you're a sloth.
Criminals play on the emotions and good qualities some people have to con them out of money, personal information, even just a verifiable email address. Con artists tried to fleece consumers a year ago with phony charity appeals following the earthquake in Haiti. Schemers send emails with bogus hotel or restaurant reservations, hoping the recipient will write back to try to correct the mistake -- and unwittingly surrender a verified email address, which the spammer can then sell at a higher value than a random one. And then there's the phony friend stranded in some foreign country, writing to you for help. That one started out in email and moved to social networks.
Beware the hard -- and fast -- sell. That's why states such as Massachusetts have "cooling off" protections that mandate a certain amount of time, often 72 hours, in which a purchase can be canceled -- but that's only if there's a cancellation provision in the contract. There's nothing within reason you need to buy right this minute -- especially a time-share or a gym membership -- that you can't buy tomorrow after sleeping on it. And if you can't buy it tomorrow, you probably don't need it.
Read Cisco's original here in its annual security report.
Beau Brendler is chairman of the North American Internet users' advisory committee to ICANN, and for eight years was executive producer of the WebWatch project at Consumers Union.He also vblogs for Internet Evolution and writes for its Thinkernet.
Become a fan of Consumer Ally on Facebook.