Skip to content

Manipulation of human emotions is key for a phishing attack success

“Congratulations! You have just won 30 million euros – follow the link to grab it!”, said the message I received last week. Honestly, it was too much to be true, it was in fact a phishing attack. However, manipulation of human emotions is what cyber attackers do. Methods they use are borrowed from practical psychology and relate to social engineering. Playing with human feelings, fears and reflexes allows cyber criminals to gain access to the information they look for.

When creating phishing email messages, attackers have two main goals: gain the user’s password or try to force a certain file download. Unfortunately, the level of user awareness about modern cyber threats is still rather low. In this post I will describe the basic techniques to help you recognize a trap.

“Update Needed: Verify Your Payment Information”

When you work hard, you receive and reply tons of emails every day. It can be difficult to focus on every message, whether you work in the office or from home.

You get an email message that contains an attachment or a link in its body. Lack of attention especially re-enforced by respect for authorities can persuade you to open the document without checking it twice.

“You’ve been hacked – please, change your password”

Our digital profiles are as precious as gold for us. Business and personal data, access to social networks and online banking – it is all online. Anybody would be scared to have their money, data and reputation compromised.

Fear especially boosted by the sense of urgency would make ordinary users go to change their passwords straight away, clicking the link in the email. Unfortunately, it would lead to a phishing web page looking identical to the real one.

“Your message wasn’t delivered”

You receive an email stating that some messages were not delivered due to server problems. What if you missed something important?

Many people are curious by nature and cannot resist the temptation to click the link, even if they have not sent any message recently. By the way, it is one of the most popular methods to conduct a phishing attack.

“Your mailbox is almost full – please, increase its volume”

Oh no! It is never the right moment to receive such a message. Especially if you are in a hurry, accomplishing a few urgent tasks while attending a call with colleagues.

Following the link, you can even find your login already there, so you are just entering your password and… you get hacked!

Recommendations

  • Do not blindly follow instructions in the email, especially those that prompt you to perform certain actions here and now. Carefully check the sender email address
  • If you receive a message you have nothing to do with, it is better to delete it
  • Courts or other authorities would hardly send their decisions and overdue load notifications by email. In most cases you would receive a good old paper letter
  • Do not click suspicious links in the messages, even if they are from your friends or some official addresses – they can be compromised. Pick up the phone and call to verify!
  • Do not be fooled by the sense of urgency. Take your time to verify email that requires you to take some actions

Learn more about the way you can train non-IT teams inside your organization to recognize manipulation of human emotions attempts alongside the other basics of cyber security awareness.

Related post

cset conference

Genoa, Novembre 14, 2024 - The 2024 CSET Conference,concluded yesterday, following two days of insightful discussions held on November 12-13 at the historic Palazzo della Borsa in Genoa. Organized by…

cset pre event 500x500

Genoa, November,12, 2024 - Last night, against the beautiful backdrop of Villa Lo Zerbino in Genoa, HWG Sababa hosted an exclusive event that brought together cybersecurity experts to discuss the…

cybersecurity roadmap settore trasporti

The transportation sector is undergoing a digital transformation, integrating advanced technologies and smart systems to optimize roadways, railways, maritime routes, and air traffic. However, this increased connectivity comes with heightened…

5 minutes
Back To Top