OVERVIEW
Most cybercriminals likely exploit psychological vulnerabilities more so than vulnerabilities in hardware or software. An estimated 84% (or more) of “hackers” leverage information from digital footprints and public records, sometimes entirely in place of computer code. Written by a team of cognitive researchers, this op-ed suggests that better brain health can help protect from cybercrime while preserving and nurturing brain capital, a critical collective asset in the digital economy. Research points to cognitive bias as making people more vulnerable to digital scams and thefts, especially in this age of accelerated change and uncertainty. The authors propose that greater awareness and education on bias, within purpose- and value-driven communities, is essential. They urge leaders to adopt honest, encouraging approaches that will guide their teams to feeling valued and empowered to proactively strengthen brain health and protect from cognitive exploitation.“”
The most common norms that are exploited:1. Authority: Most individuals tend to be responsive to people or institutions with an established level of authority or power, like government departments, banks, police, managers, or public figures. Imitating authority figures draws on that trust in authority. 2. Liking: Cybercriminals may create fake identities (either individuals or institutions) that appear kind or prosocial, especially philanthropic figures, charitable organizations, or warm and caring individuals. 3. Conformity: Cybercriminals often indicate that many others have benefited from responding in a certain way, hoping to create the expectation that similar behavior will lead to the same result. 4. Commitment and consistency: This strategy relies on the sunken cost trap. Getting a small amount of money as an initial investment, processing fee, or other small cost can lead to individuals sending more money to achieve the desired result. 5. Reciprocity: Cybercriminals often initially offer a favor or prize, setting up an expectation of the victim providing something in return. 6. Scarcity: Cybercriminals often create time or resource pressures to encourage the individual to participate in the scam urgently: “limited-time offer.” 7. Reward: Cybercriminals often promise some sort of reward that could be psychological, financial, or physical (eg, cure illness, lose weight, yield high investment returns, feel good about yourself, etc). 8. Loss: Cybercriminals often indicate that a failure to act or respond will result in some type of penalty, loss, end of relationship, or loss of status.
