Abstract
This chapter identifies and analyzes trends in the terms and expressions used in the content of scam emails and associates those with the principles of human persuasion that they integrate. We discuss and compare both the terms and principles used over time within a sample of scam emails collected between 2006 and 2014. Our analyses shows that different scam email categories use various principles of persuasion and that it is possible to observe distinct trends in their usage. We argue that with a better understanding of how scammers work at a psychological level, one could devise new techniques to detect persuasion in scam emails and build tools that more closely emulate human interaction with those emails.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Similar content being viewed by others
Notes
- 1.
Principles that are named by the merging of several other names refer to one principle that is represented with the concatenation of various names using a ‘+’.
References
M. Blythe, H. Petrie, J.A. Clark, F for fake: four studies on how we fall for phish, in Proceedings of the SIGCHI Conference on Human Factors in Computing Systems (ACM, 2011), pp. 3469–3478
M. Boodaei, Mobile users three times more vulnerable to phishing attacks. Trusteer Technical Report. https://securityintelligence.com/mobile-users-3-times-more-vulnerable-to-phishing-attacks/ (2011)
R.B. Cialdini, Influence: The Psychology of Persuasion (Harper Business, New York, 2006)
A. Ferreira, L. Coventry, G. Lenzini, Principles of persuasion in social engineering and their use in phishing, in Human Aspects of Information Security, Privacy, and Trust (Springer, Berlin, 2015), pp. 36–47
I. Fette, N. Sadeh, A. Tomasic, Learning to detect phishing emails, in Proceedings of the 16th International Conference on World Wide Web (ACM, 2007), pp. 649–656
D. Gragg, A Multi-Level Defense Against Social Engineering (SANS institute, Swansea, 2003)
B. Harrison, A. Vishwanath, Y.J. Ng, R. Rao, Examining the impact of presence on individual phishing victimization, in 2015 48th Hawaii International Conference on System Sciences (HICSS) (IEEE, 2015), pp. 3483–3489
C. Herley, Why do Nigerian Scammers say they are from Nigeria? in The Workshop on the Economics of Information Security (WEIS) (2012)
J. Hong, The state of phishing attacks. Commun. ACM 55 (1), 74–81 (2012)
T.N. Jagatic, N.A. Johnson, M. Jakobsson, F. Menczer, Social phishing. Commun. ACM 50 (10), 94–100 (2007)
M. Jakobsson, The human factor in phishing, in Privacy and Security of Consumer Information. http://markus-jakobsson.com/papers/jakobsson-psci07.pdf (2007)
P. Kumaraguru, S. Sheng, A. Acquisti, L.F. Cranor, J. Hong, Teaching Johnny not to fall for phish. ACM Trans. Internet Technol. 10 (2), 7 (2010)
S.J. Martin, N. Goldstein, R. Cialdini, The Small Big: Small Changes that Spark Big Influence (Profile books Ltd, London, 2014)
McAfee Labs threats report, McAfee Inc., Santa Clara, CA. Available: http://www.mcafee.com/us/resources/reports/rp-quarterlythreat-q1-2014.pdf (2014)
J. McAuley, J. Leskovec, Hidden factors and hidden topics: understanding rating dimensions with review text, in Proceedings of the 7th ACM Conference on Recommender Systems (ACM, 2013), pp. 165–172
K.D. Mitnick, W.L. Simon, The Art of Deception: Controlling the Human Element of Security (Wiley, New York, 2011)
S. Srikwan, M. Jakobsson, Using cartoons to teach internet security. Cryptologia 32 (2), 137–154 (2008)
F. Stajano, P. Wilson, Understanding scam victims: seven principles for systems security. Commun. ACM 54 (3), 70–75 (2011)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2016 Springer Science+Business Media New York
About this chapter
Cite this chapter
Ferreira, A., Jakobsson, M. (2016). Persuasion in Scams. In: Jakobsson, M. (eds) Understanding Social Engineering Based Scams. Springer, New York, NY. https://doi.org/10.1007/978-1-4939-6457-4_4
Download citation
DOI: https://doi.org/10.1007/978-1-4939-6457-4_4
Publisher Name: Springer, New York, NY
Print ISBN: 978-1-4939-6455-0
Online ISBN: 978-1-4939-6457-4
eBook Packages: Computer ScienceComputer Science (R0)