Skip to main content
SpringerLink
Log in

Persuasion in Scams

  • Chapter
Understanding Social Engineering Based Scams

Abstract

This chapter identifies and analyzes trends in the terms and expressions used in the content of scam emails and associates those with the principles of human persuasion that they integrate. We discuss and compare both the terms and principles used over time within a sample of scam emails collected between 2006 and 2014. Our analyses shows that different scam email categories use various principles of persuasion and that it is possible to observe distinct trends in their usage. We argue that with a better understanding of how scammers work at a psychological level, one could devise new techniques to detect persuasion in scam emails and build tools that more closely emulate human interaction with those emails.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 84.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 119.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info
Hardcover Book
USD 109.99
Price excludes VAT (USA)
  • Durable hardcover edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Notes

  1. 1.

    Principles that are named by the merging of several other names refer to one principle that is represented with the concatenation of various names using a ‘+’.

References

  1. M. Blythe, H. Petrie, J.A. Clark, F for fake: four studies on how we fall for phish, in Proceedings of the SIGCHI Conference on Human Factors in Computing Systems (ACM, 2011), pp. 3469–3478

    Google Scholar 

  2. M. Boodaei, Mobile users three times more vulnerable to phishing attacks. Trusteer Technical Report. https://securityintelligence.com/mobile-users-3-times-more-vulnerable-to-phishing-attacks/ (2011)

  3. R.B. Cialdini, Influence: The Psychology of Persuasion (Harper Business, New York, 2006)

    Google Scholar 

  4. A. Ferreira, L. Coventry, G. Lenzini, Principles of persuasion in social engineering and their use in phishing, in Human Aspects of Information Security, Privacy, and Trust (Springer, Berlin, 2015), pp. 36–47

    Book  Google Scholar 

  5. I. Fette, N. Sadeh, A. Tomasic, Learning to detect phishing emails, in Proceedings of the 16th International Conference on World Wide Web (ACM, 2007), pp. 649–656

    Google Scholar 

  6. D. Gragg, A Multi-Level Defense Against Social Engineering (SANS institute, Swansea, 2003)

    Google Scholar 

  7. B. Harrison, A. Vishwanath, Y.J. Ng, R. Rao, Examining the impact of presence on individual phishing victimization, in 2015 48th Hawaii International Conference on System Sciences (HICSS) (IEEE, 2015), pp. 3483–3489

    Google Scholar 

  8. C. Herley, Why do Nigerian Scammers say they are from Nigeria? in The Workshop on the Economics of Information Security (WEIS) (2012)

    Google Scholar 

  9. J. Hong, The state of phishing attacks. Commun. ACM 55 (1), 74–81 (2012)

    Article  Google Scholar 

  10. T.N. Jagatic, N.A. Johnson, M. Jakobsson, F. Menczer, Social phishing. Commun. ACM 50 (10), 94–100 (2007)

    Article  Google Scholar 

  11. M. Jakobsson, The human factor in phishing, in Privacy and Security of Consumer Information. http://markus-jakobsson.com/papers/jakobsson-psci07.pdf (2007)

  12. P. Kumaraguru, S. Sheng, A. Acquisti, L.F. Cranor, J. Hong, Teaching Johnny not to fall for phish. ACM Trans. Internet Technol. 10 (2), 7 (2010)

    Google Scholar 

  13. S.J. Martin, N. Goldstein, R. Cialdini, The Small Big: Small Changes that Spark Big Influence (Profile books Ltd, London, 2014)

    Google Scholar 

  14. McAfee Labs threats report, McAfee Inc., Santa Clara, CA. Available: http://www.mcafee.com/us/resources/reports/rp-quarterlythreat-q1-2014.pdf (2014)

  15. J. McAuley, J. Leskovec, Hidden factors and hidden topics: understanding rating dimensions with review text, in Proceedings of the 7th ACM Conference on Recommender Systems (ACM, 2013), pp. 165–172

    Google Scholar 

  16. K.D. Mitnick, W.L. Simon, The Art of Deception: Controlling the Human Element of Security (Wiley, New York, 2011)

    Google Scholar 

  17. S. Srikwan, M. Jakobsson, Using cartoons to teach internet security. Cryptologia 32 (2), 137–154 (2008)

    Article  Google Scholar 

  18. F. Stajano, P. Wilson, Understanding scam victims: seven principles for systems security. Commun. ACM 54 (3), 70–75 (2011)

    Article  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. University of Porto, Porto, Portugal

    Ana Ferreira

  2. Agari, Portola Valley, USA

    Markus Jakobsson

Authors
  1. Ana Ferreira
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Markus Jakobsson
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Agari, Portola Valley, California, USA

    Markus Jakobsson

Rights and permissions

Reprints and permissions

Copyright information

© 2016 Springer Science+Business Media New York

About this chapter

Cite this chapter

Ferreira, A., Jakobsson, M. (2016). Persuasion in Scams. In: Jakobsson, M. (eds) Understanding Social Engineering Based Scams. Springer, New York, NY. https://doi.org/10.1007/978-1-4939-6457-4_4

Download citation

  • DOI: https://doi.org/10.1007/978-1-4939-6457-4_4

  • Publisher Name: Springer, New York, NY

  • Print ISBN: 978-1-4939-6455-0

  • Online ISBN: 978-1-4939-6457-4

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation