As online fraud rises, Prof Mary Aiken highlights some of the psychological mechanisms used by cybercriminals.
From major cyberattacks to text scams, there has been a rise in online fraud and security incidents that has likely left many people in Ireland and around the world wondering how they can protect themselves.
Cyberpsychologist Prof Mary Aiken, an expert on the impact of technology on human behaviour, is now providing some guidance.
Bank of Ireland has teamed up with Aiken to better understand what drives customers to click on links in texts or other fraudulent messages.
A recent survey by the bank of 1,010 people across Ireland found that nearly two-thirds of those surveyed had received a fraudulent message or call claiming to be their bank, while 74pc regularly considered the threat of fraud while they were online.
Anxiety caused by fraudsters is also on the increase, with 68pc saying they were worried about being targeted by online fraudsters, up from 62pc in a 2020 survey.
Aiken said that the Bank of Ireland research bears out what is being seen globally. An “alarming” surge in cybercrime was reported last year by Interpol, while the FBI reported a nearly 300pc rise in cybercrime in the US at the beginning of the pandemic.
“The Gardaí also reported an increase in online crime up 50pc last year – with criminals moving away from traditional types of theft and robbery to attempting to defraud people online,” Aiken added. “It’s difficult: trust is a very human trait but in an age of technology we have to adapt.”
Edel McDermott, group head of fraud at Bank of Ireland, said that in spite of warnings and advice, people continue to clink on links and disclose their personal information to fraudsters.
So, here are three big tips from Aiken.
Put yourself in their shoes
First, Aiken pointed to online disinhibition. This concept refers to the shifts in our behaviours that happen when we move online. We may divulge information that we wouldn’t usually share and consider taking risks that would otherwise seem ridiculous, simply because we’re behind a laptop screen.
By combining information gathered online with profiling, cybercriminals are able to target individuals and get them to reveal their personal information and details.
Aiken’s advice is to “think like a profiler”. By being conscious of what information you have online, you can better assess what information a cybercriminal might know (or guess) about you. Consider your “digital exhaust” and what traces of information might be online between your various social media accounts.
By putting yourself in the shoes of a potential fraudster, you can reduce the chances of taking unnecessary risks and revealing something you shouldn’t.
Never trust, always verify
Psychological vulnerability is another mechanism that criminals can tap into. There have been plenty of upheavals and events in the past 18 months to make people anxious, and anxiety can make people vulnerable.
Preying on this heightened state of emotions, cybercriminals can create an additional sense of urgency by placing instructions in their scam for victims to provide personal or financial details straight away.
These methods can be a particularly effective form of fraud when they occur against the backdrop of major anxiety-provoking events, such as a pandemic or a major ransomware attack.
The advice here is to take a step back and be instantly cautious of any message that pushes for urgent action. Be it a bank or a delivery company, Aiken’s advice is to adopt the “zero trust” principle, which means verifying with the supposed source of the message that it is legitimate.
Make the right choice, not the easy one
An awareness of cognitive dissonance is the third bit of advice. Cognitive dissonance happens when we hold two pieces of conflicting information.
For example, we may know that connecting to unsecured public Wi-Fi can be risky but we may also want to use internet services while we are out and about. In resolving this dissonance, we might say ‘It’ll be grand’ – and ignore the fact that it might not be grand.
The main advice is to think carefully before you click or connect. Cybercriminals are counting on the fact that you will assume everything will be okay. This doesn’t mean being constantly anxious, but instead listening to that voice that says ‘this is risky’ and waiting until you get home to check your bank balance.