ZDNet UK


Skip to Main Content

ZDNet.co.uk - Winner of Best Business Website 2007
  1. Home
  2. News
  3. Blogs
  4. Reviews
  5. Prices
  6. Resources
  7. Community
  8. My ZDNet

 

ZDNet UK RSS Feeds


IT Jobs

Management Toolkit

McAfee: How cybercrooks get under your skin

Tom Espiner ZDNet.co.uk

Published: 26 Jun 2007 13:43 BST

  • Email
  • Trackback
  • Clip Link
  • Print friendly
  • Post Comment

Security firm McAfee has said that cybercriminals are using increasingly sophisticated social-engineering techniques, and that IT managers need to make users aware of the psychological tricks that make the techniques work.

The vendor worked with University of Leicester forensic psychologist Professor Clive Hollin to analyse why users fall for online scams.

According to Hollin, the first part of the process is persuading the user that an email comes from a respectable source. People tend to respond to authority — for example, a lawyer — but will also respond to endorsements from trusted sources, as well as familiarity and banter.

Once trust has been gained, fraudsters attempt to get users to click on a link which takes them to malicious websites by either threatening an unwanted event, such as legal action, or by offering a reward, such as a commodity for a bargain price, said Hollin.

Sentry Posts Blog

Sentry Posts Blog
Guarding the network

What you need to know — and what you and your peers have to tell us — about security management in our new community group blog

Read more +

Users who fall for scams are not necessarily technophobes or the innocent, said the psychologist. Risk-takers might be fooled by the prospect of high gain, while the tech-savvy might be vulnerable due to over-confidence.

"Given the right conditions in terms of the persuasiveness of the communication and the critical combination of situational and personal factors, most people may be vulnerable to misleading information. This point is true both for experienced and inexperienced computer users; while naivety may be a partial explanation, even sophisticated users can be deceived and become suggestible to misleading messages," said Hollin.

McAfee's Sal Viveros said IT managers should let end users know the kind of social-engineering tactics that cybercrooks use. "Enforcing policy and education helps to minimise threats," he said.

While the psychological tricks used by cyberfraudsters may play on human nature, Viveros said that the techniques being used are increasingly sophisticated.

  • Email
  • Trackback
  • Clip Link
  • Print friendly Print with Dell

Did you find this article useful?
5 out of 9 people found this useful


Talkback

Post a comment


Full Talkback thread

0 comments

Related Links

More In Management


Company/Topic Alerts

Create a new alert from the list below:





Related Jobs

Embedded Software Engineer - Dundee 30 - 35k

Experience in Embedded Engineering - Ability to code in Embedded C and assembly - Ability to test code thoroughly - Understanding of design life ...

Developer, up to 32K,C#/ASP.Net, Leeds

An ideal opportunity has arisen for a developer to work within the financial markets at an established software engineering company, This company ...

Java Software Designer - Java, UML, RDBMS, Design South Yorkshire

You will be responsible for the development and maintenance of design models and documentation Team Size: You will be working closely with the ...

Discussions

dogStar dogStar

Shake those Monkeys!

Friday 25 July 2008, 9:51 AM

1 comment
Freddyoky Freddyoky

Police And The Internet

Friday 25 July 2008, 8:32 AM

4 comments
ator1940 ator1940

A new twist - NBC online Olympic cover...

Friday 25 July 2008, 7:38 AM

4 comments
ator1940 ator1940

cheap nike sneakers,wholesale nikes,ch...

Friday 25 July 2008, 7:13 AM

1 comment

View All