Cybercriminals turn to mind games to trick users

Organised crime is turning to using mind games on PC users in a bid to trick them into handing over personal information and money, according to new research.

The study, carried out by Professor Clive Hollin, a forensic psychologist at the University of Leicester, found that criminals are assuming trustworthy identities and engaging in friendly banter in order to steal from their victims.

The Mind Games report, commissioned by anti-virus company McAfee, found that internet fraudsters carry out research into psychological "hotspots" and triggers of potential victims. This meant that fraudsters often piggybacked scams on top of topical news stories or current sporting events in order to make the scam appear authentic.

Also, typical emails will contain essential elements that play on and exploit the human condition. Examples cited in the research were web links that read "Click here for a reward" or "Click here to avoid something you don't want to happen".

Professor Hollin said that given the right conditions in terms of the persuasiveness of the communication and the critical combination of situational and personal factors, most people may be vulnerable to misleading information.

"This point is true both for experienced and inexperienced computer users: while naivety may be a partial explanation, even sophisticated users can be deceived and become suggestible to misleading messages," said Hollin.

According to Greg Day, security analyst at McAfee, cybercriminals are relying more and more on social engineering techniques as computer security improves.

"Like con men on the street devising new tricks, internet fraudsters need a never-ending supply of ways to exploit victims online," said Day. "Bypassing mental barriers rather than software security is an increasingly evident tactic of cybercriminals and one that will only continue become more prolific in the raft of online attacks."