Manipulation of emotional security by cybercriminals using social engineering technologies: a case study

Light and shadows of digital reality: the artificial and the natural

Authors

  • Ekaterina S. Ignatova Perm State University, 15, Bukirev st., Perm, 614990, Russia

DOI:

https://doi.org/10.17072/2078-7898/2024-3-374-390

Keywords:

information security, emotional security, social engineering, manipulation, manipulative influence, scammers, cyber fraudsters, critical thinking, cognitive distortions, emotional vulnerability, victimization, victim, credulity, trust, institutions of power

Abstract

In psychology, the pervasive social fraud is only becoming a matter of interest. The article looks at fraud from the perspective of manipulative influence on the mental state of a potential victim who «voluntarily» violates information security. The study raises the problem of the need to recognize the mechanism of fraudulent influence on a person and their behavior. The theoretical foundations of this problem are considered. The historical aspect of the application of social engineering technologies to obtain personal information and regulate human behavior is shown. The types of social fraud are described. The heterogeneity of fraudulent schemes is indicated. The factors of fraudulent influence that act as targets are presented, including empirically confirmed personal characteristics of potential and real victims, their thinking systems and basal emotional regulation. The role of cognitive distortions that reduce the effectiveness of critical thinking in an emotionally insecure state is shown. The stages of manipulative influence by fraudsters have been identified. A psychological analysis of a case of manipulative influence on emotional security by cybercriminals using social engineering technologies is described, with the results of a study into the victim’s identity presented. The study has found correspondence between the personal characteristics of the subject and the empirical portrait of a fraudsters’ victim in expressed indicators of benevolence, conscientiousness, anxiety, orientation to the value of security, conviction in the moral qualities of Another. The analysis of the victim’s narrative made it possible: to describe the criminals’ scenario within the range «situational tension – removal of psychological tension», when the victim is consistently deprived of key components of emotional security: calmness, confidence in the controllability of what is happening and the possibility of predicting the consequences; to establish the dynamics of the victim’s emotional experience and its influence on the perception of reality, on the mental system and, ultimately, on irrational behavior. Recommendations for the prevention of victimized behavior of a victim of fraud are formulated. The data obtained can be used in psychological counseling, in the field of risk management and forecasting in various industries where social fraud is represented in one way or another.

Author Biography

Ekaterina S. Ignatova, Perm State University, 15, Bukirev st., Perm, 614990, Russia

Candidate of Psychology, Docent, Head of the Department of General and Clinical Psychology

References

Ананьина К.П., Изофатова Д.А. Актуальные вопросы профилактики телефонного мошенничества // Закон и общество: история, проблемы, перспективы: материалы XXVI Межвуз. между-нар. науч.-практ. конф. студентов и аспирантов, посвящ. 70-летию Красноярского ГАУ (Красно-ярск, 21–22 апреля 2022 г.) / отв. ред. Е.А. Ерахтина и др. Красноярск: Изд-во Красно-яр. гос. аграр. ун-та, 2022. С. 217–219.

Белоусова Е.А. Факторы информационно-психологического воздействия на личность в условиях цифрового развития общества // Вестник науки. 2024. Т. 4, № 5(74). С. 436–441.

Богданов А.В., Ильинский И.И., Хазов Е.Н. Киберпреступность и дистанционное мошенничество как одна из угроз современному обществу // Криминологический журнал. 2020. № 1. С. 15–20.

Габалова Е.Б., Тегетаева О.Р. Телефонные мошенничества: угроза для развития бизнеса // Modern Science. 2021. № 2–1. С. 128–130.

Грязева Н.В., Некрасов А.П. Актуальные способы совершения мошенничеств с использованием средств сотовой связи в учреждениях уголовно-исполнительной системы // Вестник Самарского юридического института. 2020. № 4(40). С. 33–42. DOI: https://doi.org/10.37523/sui.2020.40.4.005

Заболоцкая А.В., Ткачева Е.Г. Психологическая безопасность личности в Интернете // Автономия личности. 2022. № 1(27). С. 91–97.

Зотина Е.В. Предупреждение телефонного мошенничества в отношении граждан пожилого возраста // Ученые записки Казанского юридического института МВД России. 2023. Т. 8, № 2(16). С. 19–25.

Козина И.М., Cережкина Е.В. Концепция кейс-стади в социальных науках и французская традиция монографических исследований трудовых организаций // Социологические исследования. 2015. № 1. С. 64–73.

Кузьмин Ю.А. Предупреждение телефонного мошенничества (криминологический аспект) // Oeconomia et Jus. 2022. № 3. С. 47–54. DOI: https://doi.org/10.47026/2499-9636-2022-3-47-54

Ламинина О.Г. Возможности социальной инженерии в информационных технологиях // Гуманитарные, социально-экономические и общественные науки. 2017. № 2. С. 21–23.

Менщиков А.А., Федосенко М.Ю. Возможности применения методов социальной инженерии в организации телефонного мошенничества // Экономика и качество систем связи. 2021. № 4(22). С. 36–47.

Мешкова Н.В., Кудрявцев В.Т., Ениколо-пов С.Н. К психологическому портрету жертв телефонного мошенничества // Вестник Москов-ского университета. Серия 14: Психология. 2022. № 1. С. 138–157. DOI: https://doi.org/10.11621/vsp.2022.01.06

Михайлов А.С. Кейс-стади — исследователь-ская стратегия или мета-метод? // Экономика и социум. 2014. № 3–2(12). С. 543–551.

Первушина О.Н., Федоров А.А. Личностные особенности жертв телефонного мошенничества // Вопросы психологии. 2022. Т. 68, № 3. С. 92–103.

Психологические аспекты противодействия телефонному мошенничеству в финансовой сфере: метод. материалы / авт.-сост.: С.П. Баранцев, О.В. Медяник, Н.А. Низовских, О.А. Николаева / Упр. МВД РФ по Кировской области. Киров, 2024. 60 с.

Рачева Н.В., Балеевских Ф.В., Котов В.В. Современные способы совершения мошенничества в отношении имущества физических лиц с использованием интернет-ресурсов и технологий социальной инженерии // Юридическая наука. 2021. № 2. С. 101–105.

Романов В.Г., Романова И.В. Социальное мошенничество «Covid-19» и манипулятивные технологии социальной инженерии // Вестник Забайкальского государственного университета. 2020. Т. 26, № 9. С. 57–67. DOI: https://doi.org/10.21209/2227-9245-2020-26-9-57-67

Сафуанов Ф.С., Докучаева Н.В. Особенности личности жертв противоправных посягательств в Интернете // Психология и право. 2015. Т. 5, № 4. С. 80–93. DOI: https://doi.org/10.17759/psylaw.2015050407

Сидоренко Е.В. Тренинг влияния и противостояния влиянию. СПб.: Речь, 2004. 256 с.

Старостенко Н.И. Криминалистический аспект техник социальной инженерии при совер-шении преступлений // Вестник Краснодарского университета МВД России. 2020. № 1(47). С. 80–83.

Трахов А.И., Бешукова З.М. Предупреждение телефонного мошенничества: российский и зарубежный опыт // Цифровые технологии и право: сб. науч. тр. I Междунар. науч.-практ. конф. (Казань, 23 сентября 2022 г.): в 6 т. / под ред. И.Р. Бегишева и др. Казань: Познание, 2022. Т. 6. С. 357–361.

Шипулин Г.Ф. Способы совершения мошенничества, связанные с использованием мобильной связи // Международный журнал гуманитарных и естественных наук. 2022. № 2–2(65). С. 186–189. DOI: https://doi.org/10.24412/2500-1000-2022-2-2-186-189

Ярославцева И.В., Дорохина С.А. Критическое мышление пожилых людей — жертв мошеннических действий: теоретический и прикладной аспекты исследования // Известия Иркутского государственного университета. Серия: Психология. 2016. Т. 15. С. 60–71.

Aberdeen T. Yin, R.K. (2009). Case study research: Design and methods (4th ed.). Thousand Oaks, CA: Sage // The Canadian Journal of Action Research. 2013. Vol. 14, no. 1. P. 69–71. DOI: https://doi.org/10.33524/cjar.v14i1.73

Asri F.M., Mahamad T.E.T. Anatomy of Phone Scams: Victims’ Recall on the Communication Phrases used by Phone Scammers // Proceedings of the International Conference on Communication and Media 2022 (i-COME 2022). Paris: Atlantis Press, 2023. P. 498–509. DOI: https://doi.org/10.2991/978-2-38476-098-5_43

Atkins B., Huang W. A study of social engineer-ing in online frauds // Open Journal of Social Sci-ences. 2013. Vol. 1, no. 3. P. 23–32. DOI: https://doi.org/10.4236/jss.2013.13004

Bidgoli M., Grossklags J. «Hello. This is the IRS calling»: A case study on scams, extortion, impersonation, and phone spoofing // 2017 APWG Symposium on Electronic Crime Research (eCrime) (Phoenix, AZ, Apr. 25–27, 2017). Phoenix, AZ: IEEE, 2017. P. 57–69. DOI: https://doi.org/10.1109/ecrime.2017.7945055

Button M., Shepherd D., Hawkins C., Tapley J. Fear and phoning: Telephones, fraud, and older adults in the UK // International Review of Victimology. 2024. URL: https://journals.sagepub.com/doi/epub/10.1177/02697580241254399 (accessed: 21.07.2024). DOI: https://doi.org/10.1177/02697580241254399

DeLiema M., Li Y., Mottola G. Correlates of responding to and becoming victimized by fraud: Examining risk factors by scam type // International Journal of Consumer Studies. 2023. Vol. 47, iss. 3. P. 1042–1059. DOI: https://doi.org/10.1111/ijcs.12886

Eze O.J., Okpa J.T., Onyejegbu Ch.D., Ajah B.O. Cybercrime: victims’ shock absorption mechanisms // Malware: Detection and Defense / ed. by E. Babulak. London: IntechOpen, 2023. P. 3–14. DOI: https://doi.org/10.5772/intechopen.106818

Ghani N.M., Bakar M.A.A., Rosli H. Cybercrime experience’s impact on women’s emotions: a case study in Penang // Malaysian Journal of Tropical Geography (MJTG). 2023. Vol. 49, no. 2. P. 48–67.

Lu H.Y., Chan S., Chai Wh., Lau S.M., Khader M. Examining the influence of emotional arousal and scam preventive messaging on susceptibility to scams // Crime Prevention and Community Safety. 2020. Vol. 22, iss. 4. P. 313–330. DOI: https://doi.org/10.1057/s41300-020-00098-3

Maharjan A.A. Study of Scams and Frauds using Social Engineering in «The Kathmandu Valley» of Nepal: Master of Science in Technology Thesis / University of Turku. 2023, 69 p.

Parti K., Tahir F. «If We Don’t Listen to Them, We Make Them Lose More than Money»: Exploring Reasons for Underreporting and the Needs of Older Scam Victims // Social Sciences. 2023. Vol. 12, iss. 5. URL: https://www.mdpi.com/2076-0760/12/5/264/pdf?version=1683172510 (accessed: 21.07.2024). DOI: https://doi.org/10.3390/socsci12050264

Pimentel A., Steinmetz K.F. Enacting social engineering: the emotional experience of information security deception // Crime, Law and Social Change. 2022. Vol. 77, iss. 3. P. 341–361. DOI: https://doi.org/10.1007/s10611-021-09993-8

Wang J., Zhang L., Xu L., Qian X. The dynamic emotional experience of online fraud victims during the process of being defrauded: A text-based analysis // Journal of Criminal Justice. 2024. Vol. 94. URL: https://www.sciencedirect.com/science/article/abs/pii/S0047235224000801 (accessed: 21.07.2024). DOI: https://doi.org/10.1016/j.jcrimjus.2024.102231

Yoshioka T., Awai S., Ide K., Chikano M., Iwasaki S., Yoshino K., Konno T. Demo: Preventing Phone Fraud by Victim Training Using Personalized Feedback for Behavioral Change // MOBISYS ‘24: Proceedings of the 22nd Annual International Conference on Mobile Systems, Applications and Services. N.Y.: Association for Computing Machinery, 2024. P. 588–589. DOI: https://doi.org/10.1145/3643832.3661833

References

Aberdeen, T. (2013). Yin, R.K. (2009). Case study research: Design and methods (4th ed.). Thousand Oaks, CA: Sage. The Canadian Journal of Action Research. Vol. 14, no. 1, pp. 69–71. DOI: https://doi.org/10.33524/cjar.v14i1.73

Anan’ina, K.P. and Izofatova, D.A. (2022). [Topical issues of telephone fraud prevention]. Zakon i obschestvo: istoriya, problemy, perspektivy: materialy XXVI Mezhvuzovskoy mezhdunarodnoy nauchno-prakticheskoy konferentsii studentov i aspirantov, posvyaschennoy 70-letiyu Krasnoyarskogo GAU (Krasnoyarsk, 21–22 aprelya 2022 g.) [Law and Society: History, Problems, Prospects: Proceedings of the 26th Interuniversity International Scientific and Practical Conference of students and postgraduates dedicated to the 70th anniversary of the Krasnoyarsk State Agrarian University (Krasnoyarsk, Apr. 21–22, 2022)]. Krasnoyarsk: KGAU Publ., pp. 217–219.

Asri, F.M. and Mahamad, T.E.T. (2023). Anatomy of phone scams: Victims’ recall on the communication phrases used by Phone Scammers. Proceedings of the International Conference on Communication and Media 2022 (i-COME 2022). Paris: Atlantis Press, pp. 498–509. DOI: https://doi.org/10.2991/978-2-38476-098-5_43

Atkins, B. and Huang, W. (2013). A study of social engineering in online frauds. Open Journal of Social Sciences. Vol. 1, no. 3, p. 23–32. DOI: https://doi.org/10.4236/jss.2013.13004

Barantsev, S.P., Medyanik, O.V., Nizovskikh, N.A. abd Nikolaeva, O.A. (eds.) (2024). Psikhologicheskie aspekty protivodeystviya telefonnomu moshennichestvu v finansovoy sfere: metodicheskie materialy [Psychological aspects of countering telephone fraud in the financial sphere: methodological materials]. Dep. of the Ministry of Internal Affairs of the RF for the Kirov Region. Kirov, 60 p.

Belousova, E.A. (2024). [Factors of information and psychological impact on personality in the context of digital development of society]. Vestnik nauki [Bulletin of Science]. Vol. 4, no. 5(74), pp. 436–441.

Bidgoli, M. and Grossklags, J. (2017). «Hello. This is the IRS calling»: A case study on scams, extortion, impersonation, and phone spoofing. 2017 APWG Symposium on Electronic Crime Research (eCrime) (Phoenix, AZ, Apr. 25–27, 2017). Phoenix, AZ: IEEE Publ., pp. 57–69. DOI: https://doi.org/10.1109/ecrime.2017.7945055

Bogdanov, A.V., Il’inskiy, I.I. and Khazov, E.N. (2020). [Cybercrime and remote fraud as one of the threats to modern society]. Kriminologicheskiy zhurnal [Criminological Journal]. No. 1, pp. 15–20.

Button, M., Shepherd, D., Hawkins, C. and Tapley, J. (2024). Fear and phoning: Telephones, fraud, and older adults in the UK. International Review of Victimology. Available at: https://journals.sagepub.com/doi/epub/10.1177/02697580241254399 (accessed 21.07.2024). DOI: https://doi.org/10.1177/02697580241254399

DeLiema, M., Li, Y. and Mottola, G. (2023). Correlates of responding to and becoming victimized by fraud: Examining risk factors by scam type. International Journal of Consumer Studies. Vol. 47, iss. 3, pp. 1042–1059. DOI: https://doi.org/10.1111/ijcs.12886

Eze, O.J., Okpa, J.T., Onyejegbu, Ch.D. and Ajah, B.O. (2023). Cybercrime: victims’ shock absorption mechanisms. E. Babulak (ed.) Malware: Detection and Defense. London: IntechOpen Publ., pp. 3–14. DOI: https://doi.org/10.5772/intechopen.106818

Gabalova, E.B. and Tegetaeva, O.R. (2021). [Telephone fraud: a threat to business development]. Modern Science. No. 2–1, pp. 128–130.

Ghani, N.M., Bakar, M.A.A. and Rosli, H. (2023). Cybercrime experience’s impact on women’s emotions: a case study in Penang. Malaysian Journal of Tropical Geography (MJTG). Vol. 49, no. 2, pp. 48–67.

Gryazeva, N.V. and Nekrasov, A.P. (2020). [Actual ways to improve fraud using cellular communications in institutions of the penal system]. Vestnik Samarskogo yuridicheskogo instituta [Bulletin of the Samara Law Institute]. No. 4(40), pp. 33–42. DOI: https://doi.org/10.37523/sui.2020.40.4.005

Kozina, I.M. and Tserezhkina, E.V. (2015). [The concept of a case study in the social sciences and the French tradition of monographic research of labor organizations]. Sotsiologicheskie issledovaniya [Sociological Research]. No. 1, pp. 64–73.

Kuz’min, Yu.A. (2022). [Prevention of telephone fraud (criminological aspect)]. Oeconomia et Jus [Economics and Law]. No. 3, pp. 47–54. DOI: https://doi.org/10.47026/2499-9636-2022-3-47-54

Laminina, O.G. (2017). [Possibilities of social engineering in information technologies]. Gumanitarnye, sotsial’no-ekonomicheskie i obschestvennye nauki [Humanities, Socio-Economic and Social Sciences]. No. 2, pp. 21–23.

Lu, H.Y., Chan, S., Chai, Wh., Lau, S.M. and Khader, M. (2020). Examining the influence of emotional arousal and scam preventive messaging on susceptibility to scams. Crime Prevention and Community Safety. Vol. 22, iss. 4, pp. 313–330. DOI: https://doi.org/10.1057/s41300-020-00098-3

Maharjan, A. (2023). A study of scams and frauds using social engineering in «The Kathmandu valley» of Nepal: Master of Science in Technology Thesis. University of Turku, 69 p.

Menschikov, A.A. and Fedosenko, M.Yu. (2021). [The possibilities of using social engineering methods in the organization of telephone fraud]. Ekonomika i kachestvo sistem svyazi [Economics and Quality of Communication Systems]. No. 4(22), pp. 36–47.

Meshkova, N.V., Kudryavtsev, V.T. and Eni-kolopov, S.N. (2022). [On the psychological portrait of a telephone fraud character]. Vestnik Moskovskogo universiteta. Seriya 14: Psikhologiya [Moscow University Psychology Bulletin]. No. 1, pp. 138–157. DOI: https://doi.org/10.11621/vsp.2022.01.06

Mikhaylov, A.S. (2014). [Is the case study a research strategy or a meta-method?]. Ekonomika i sotsium [Economy and Society]. No. 3–2(12), pp. 543–551.

Parti, K. and Tahir, F. (2023). «If we don’t listen to them, we make them lose more than money»: Exploring reasons for underreporting and the needs of older scam victims. Social Sciences. Vol. 12, iss. 5. Available at: https://www.mdpi.com/2076-0760/12/5/264/pdf?version=1683172510 (accessed 21.07.2024). DOI: https://doi.org/10.3390/socsci12050264

Pervushina, O.N. and Fedorov, A.A. (2022). [Personal characteristics of a telephone fraud person]. Voprosy psikhologii. Vol. 68, no. 3, pp. 92–103.

Pimentel, A. and Steinmetz, K.F. (2022). Enacting social engineering: the emotional experience of information security deception. Crime, Law and So-cial Change. Vol. 77, iss. 3, pp. 341–361. DOI: https://doi.org/10.1007/s10611-021-09993-8

Racheva, N.V., Baleevskikh, F.V. and Kotov, V.V. (2021). [Modern possibilities of improving fraud against the property of individuals using Internet resources and social engineering technologies]. Yuridicheskaya nauka [Legal Science]. No. 2, pp. 101–105.

Romanov, V.G. and Romanova, I.V. (2020). [Social fraud «Covid-19» and manipulative technologies of social engineering]. Vestnik Zabaykal’skogo gosudarstvennogo universiteta [Transbaikal State University Journal]. Vol. 26, no. 9, pp. 57–67. DOI: https://doi.org/10.21209/2227-9245-2020-26-9-57-67

Safuanov, F.S. and Dokuchaeva, N.V. (2015). [Personality characteristics of victims of unlawful attacks on the Internet]. Psikhologiya i pravo [Psychology and Law]. Vol. 5, no. 4, pp. 80–93. DOI: https://doi.org/10.17759/psylaw.2015050407

Shipulin, G.F. (2022). [Ways to improve fraud related to the use of mobile communications]. Mezhdunarodnyy zhurnal gumanitarnykh i estestvennykh nauk [International Journal of Humanities and Natural Sciences]. No. 2–2(65), pp. 186–189. DOI: https://doi.org/10.24412/2500-1000-2022-2-2-186-189

Sidorenko, E.V. (2004). Trening vliyaniya i protivostoyaniya vliyaniyu [Training influences and counteraction to influence]. St. Petersburg: Rech’ Publ., 256 p.

Starostenko, N.I. (2020). [The criminalistic aspect of social engineering techniques in the commission of crimes]. Vestnik Krasnodarskogo universiteta MVD Rossii [Bulletin of Krasnodar University of Russian MIA]. No. 1(47), pp. 80–83.

Trakhov, A.I. and Beshukova, Z.M. (2022). [Prevention of telephone fraud: Russian and foreign experience]. Tsifrovye tekhnologii i pravo: sbornik nauchnykh trudov I Mezhdunarodnoy nauchno-prakticheskoy konferentsii (Kazan’, 23 sentyabrya 2022 g.): v 6 t. [Digital Technologies and Law: a Collection of Scientific Papers and an International Scientific and Practical Conference (Kazan, Sep. 23, 2022): in 6 vols]. Kazan: Poznanie Publ., vol. 6, pp. 357–361.

Wang, J., Zhang, L., Xu, L. and Qian, X. (2024). The dynamic emotional experience of online fraud victims during the process of being defrauded: A text-based analysis. Journal of Criminal Justice. Vol. 94. Available at: https://www.sciencedirect.com/science/article/abs/pii/S0047235224000801 (accessed: 21.07.2024). DOI: https://doi.org/10.1016/j.jcrimjus.2024.102231

Yaroslavtseva, I.V. and Dorokhina, S.A. (2016). [Critical thinking of poor people — a victim of fraudulent actions: theoretical and applied aspects of the study]. Izvestiya Irkutskogo gosudarstvennogo universiteta. Seriya: Psikhologiya [Proceedings of Irkutsk State University. Series: Psychology]. Vol. 15, pp. 60–71.

Yoshioka, T., Awai, S., Ide, K., Chikano, M., Iwasaki, S., Yoshino, K. and Konno, T. (2024). Demo: Preventing phone fraud by victim training using personalized feedback for behavioral change. MOBISYS ‘24: Proceedings of the 22nd Annual International Conference on Mobile Systems, Applications and Services. New York: Association for Computing Machinery Publ., pp. 588–589. DOI: https://doi.org/10.1145/3643832.3661833

Zabolotskaya, A.V. and Tkacheva, E.G. (2022). [Psychological security of personality on the Internet]. Avtonomiya lichnosti [The Autonomy of Personality]. No. 1(27), pp. 91–97.

Zotina, E.V. (2023). [Telephone fraud against elderly citizens]. Uchenyye zapiski Kazanskogo yuridicheskogo instituta MVD Rossii [Scientific Notes of the Kazan Law Institute of MIA Russia]. Vol. 8, no. 2(16), pp. 19–25.

Downloads

Published

2024-10-31

Issue

Вестник 2024 Выпуск 3

Section

Статьи

License

Copyright (c) 2024 Perm University Herald. Philosophy. Psychology. Sociology

Creative Commons License

This work is licensed under a Creative Commons Attribution 4.0 International License.