On the surface, many email scams seem so obvious you wonder how anyone could fall for them. But in fact, millions do.
A new study by McAfee, a computer security firm, says victims arent stupid or careless they simply fall for the criminals ever more sophisticated mind games.
Scam spam works best by providing recipients with a sense of familiarity and legitimacy, either by creating the illusion that the email is from a friend or colleague, or providing plausible warnings from a respected institution, said Dr. James Blascovich, Professor of Psychology at the University of California, Santa Barbara, the studys principal author.
The study, Mind Games, focuses mostly on the use of phishing emails. These messages on the surface may look like they are from reputable and well-known companies such as eBay, Bank of America or Paypal.
Once the victim opens the email, criminals use two basic motivational processes, approach and avoidance, or a combination of the two, to persuade victims to click on dangerous links, provide personal information, or download risky files. By scamming $20 from just half of one percent of the U.S. population, cyber criminals can earn $15 million each day and nearly $5.5 billion in a year, a powerful attraction for skillful scam artists, Blasovich said.
Once scammers lure victims into opening the message and clicking on a link that takes them to a fraudulent site, they employ fear and familiarity to pry sensitive information from them.
The scammer often tells the victim the security of their account has been breached. Victims are led to believe that failure to click on the links will result in extra charges or cancellation of important accounts.
While these emails are not exactly a new threat, the study says they are more sophisticated and harder to spot. Fraudulent emails used to contain misspellings, grammatical errors and poor quality graphics. These days the bogus sites more nearly mimic pages from legitimate websites.
Spam scammers also employ the emotion of greed. In fact, thats the primary force behind those stock touting emails that have been flooding inboxes in the last year or so.
The emails often promise hot stock tips, highlighting a small company whose stock sells for a few pennies a share. What the victim doesnt know is the scammer has purchased thousands for shares. If enough people buy the stock, it goes up. An increase of just a few pennies is enough to net the scammer a tidy profit.
Whats the harm, you ask? Because as soon as the scammer dumps his stock, the price plunges again, leaving the recent investors holding the bag.