None of us likes being scammed, and David Modic is no different. But it’s not the fact that scammers try to trick us into handing over our money that bothers him – it’s the way they can rob people of something far more important: their hope.
Take the abuse of dating websites. “People go on dating sites in the hope of fulfilment, and they sometimes get scammed,” says Modic, who researches the psychology of internet fraud at the University of Cambridge. “And that makes me angry.”
It’s this personal passion that’s convinced Modic to study the psychology of scamming. He’s not alone: the field is thriving, and the information that researchers are uncovering is valuable to us all – from vulnerable singletons in search of love to the technology wizards in charge of the world’s online security.
Modic is particularly interested in what makes people vulnerable to scams. It’s tempting to imagine that only the foolish or poorly educated might fall victim – but even anecdotal evidence suggests this is not the case. Take Paul Frampton, an Oxbridge educated academic who was, until earlier this year, a professor of physics at the University of North Carolina at Chapel Hill. In 2012 Frampton was given almost 5 years in prison for drug smuggling in Argentina, after falling victim to an online dating scam. And then there’s John Worley. As a psychotherapist, Worley arguably knows more than most of us about controlling life’s trajectory. But in 2005 he was put on trial for bank fraud and money laundering after becoming a victim of the notorious Nigerian email scam. This scam sees people contacted by someone claiming to be a Nigerian government official appealing for help moving large sums of money out of the country – who just requires a little money upfront to release the fortune. Worley was found guilty and sentenced to two years in prison.
Intelligence and experience offers no protection against scammers, says Modic. “If it did, then better educated people and older people would be less likely to fall for scams. And that is not supported by my research.”
So what does make someone vulnerable? To look for answers to that question, Modic and his colleagues have quizzed thousands of people, asking them first whether they think various scams are plausible – and whether they have fallen victim to them – before asking them to perform a personality test. The research has identified a number of characteristics that people who are victims of scams seem to share in common. Some of these traits – like a lack of self-control – we would probably recognise as dangerous. But others – a trust in authority, a desire to act in the same way as our friends, or a tendency to act in a consistent way – we might think of as good characteristics.
These may be new findings to psychologists, but they are not new to scammers. Modic points out, for instance, that some scammers gain a victim’s trust by pretending to share a mutual friend. In other situations the scammer might contact the victim under the guise of a figure of authority – a doctor or a lawyer - to appear more persuasive. There are also scams that initially involve no loss of money and which are designed to encourage a victim to behave in a certain way, so that later they are more likely to behave in the same way when their money is at stake. Some card game swindles use this strategy.
"I am surprised at the ingenuity of scammers who, perhaps subconsciously, have discovered such principles themselves without scientific studies," says Frank Stajano, a security and privacy researcher at the University of Cambridge. "I can't imagine individual scammers working it all out by themselves, so I wonder what kind of word-of-mouth network they use to learn the tricks of their trade?"
Hidden knowledge
The very fact that scammers clearly are aware of our psychological vulnerabilities – no matter how they gained that knowledge – suggests they can potentially teach us as much as their victims about confidence tricks. This is something Stajano has taken to heart in his research. He has worked with Paul Wilson, a close-up magician and security consultant to casinos, to explore exactly how scammers persuade their victims to hand over their personal belongings. Wilson is one of the writers and stars of BBC television show The Real Hustle, in which he and his team “scam” members of the public by recreating notorious confidence tricks (any money or valuables are later returned).
Wilson’s team has recreated hundreds of scams for the cameras, but Stajano – who quickly became a fan of the show – realised that the scammers repeatedly used one or more of the same seven persuasion principles. Three of these principles are similar to those Modic identified by talking to potential or actual scam victims. Scammers use the “time principle” to persuade us we need to act quickly before we can think rationally and exercise self-control. They also make use of the “deference to authority principle” and the “herd principle” – our tendency to act like our friends or those around us – to convince people that the scam is legitimate.
But scammers have at least four other tricks up their sleeves, says Stajano. They might distract us so we don’t recognise a scam – making use of physically attractive accomplices, for instance. They can use our deepest desires to blind our reasoning – which is why online dating scams are so common. They can hook some victims by manipulating our innate dishonesty and making us act criminally ourselves – knowingly attempting to launder money as part of the Nigerian email scam, for instance. Finally, they can use the kindness of some well-meaning victims against them – scam emails begging for help and money are often sent out in the wake of a natural disaster.
Old tricks
What’s really fascinating, says Stajano, is that scammers have used these principles for centuries. For instance, the Nigerian email scam might seem the product of the digital age, but a version of it existed in 16th Century Europe.
There’s a good reason for that, he says: many of the vulnerabilities that scammers exploit are actually human strengths rather than weaknesses. He points to the work of psychologist Robert Cialdini at Arizona State University, who is famous for his work on the psychology of persuasion. “He’s explained that the authority principle, for example, is actually very helpful for surviving peacefully in human society,” says Stajano. “We shouldn’t see scam victims as stupid – they’re acting in a way that’s beneficial for our survival most of the time.”
The seven persuasion principles might be as old as the hills, but Stajano says they are often ignored by security experts, who are as likely to blame security breaches on the people using their systems as they are to blame the scammers. “Too many security professionals think: users are such a pain – my system would be super-secure if only users behaved in the proper way,” he says. He is trying to persuade experts that they need to make security systems that work in harmony with – not despite - the way we behave.
Making those new systems won’t be easy, and Stajano believes the only solution is to encourage people to empathetically understand and anticipate human behaviour.
As an example of the problems security experts face, imagine you’re about to win an online auction for a mobile phone. You might reasonably expect to trust the seller, whose profile is brimming with positive feedback from other users. But Stajano points out that your trust in this case is really based on the herd principle: you can’t be sure that the seller is not in fact a scammer who has built up a positive reputation by trading with a handful of accomplices. Any of us might fall victim to this scam. In fact, even Modic has been tricked. “I bought a mobile phone from China that was not as it appeared online,” he says.
We may never be truly immune to confidence tricks. But perhaps ordinary users and system designers alike can protect ourselves to some degree by learning to think like a scammer.
To see more documents/articles regarding this group/organization/subject click here.