CYBERCRIME: DEFENDING YOURSELF AGAINST PHISHING SCAMS

2015-08-17 15:23

Symantec Corporation (2014) claims that at least one in 319 emails is a phishing attack. These attacks cost organizations more than $3 billion annually (Gartner, 2007). South Africa ranks among the most targeted countries, accounting for 5% of the global volume of attacks, which cost the country approximately $320 million (Van Vuuren, 2014). A major concern is that between 50 and 90% of people are unable to recognize phishing. Moreover, the Norton Report (2013) claims that up to 20% of people are deceived by these malicious information requests.

WHAT IS PHISHING?

Phishing is a type of fraud in which criminals impersonate a trustworthy third party to lure a person into revealing sensitive information, such as personal, financial or password data, to a fraudulent or 'spoofed' web site. Not surprisingly, the most popular computer application, email, is the criminals' delivery channel of choice. For example, fraudsters send an email instructing a person to click on a link to a convincing copy of a bank's web site. Merely clicking the link risks activating key-logging software or viruses; entering sensitive information on the fake site lets fraudsters steal your money or commit other crimes related to identity theft.

WHY DOES PHISHING WORK?

Studies suggest that habitual email use, coinciding with a trend towards email overload, has increased our likelihood of becoming phishing victims. As many as 37.5% of people try to answer emails immediately, and as many as 56% answer them the same day. There is also a growing expectation that people make more and more decisions via email at work. Given the intrusive and pervasive nature of this medium, it is not surprising that many people feel rushed, stressed and mentally fatigued when responding to emails. With little time to make informed decisions, they increasingly rely on a few cues in the email's content. These short-cuts may have served them well in the past, but they are now exploited both by marketing experts seeking compliance and by phishing fraudsters. I call them urgency and trust lures.

THE BAIT: URGENCY AND TRUST LURES

URGENCY LURES

Scams exploit human vulnerability to perceived scarcity by offering a reward for prompt action, or threatening a loss or penalty for delayed action. Scare tactics such as penalties provoke intense feeling and so manipulate a person into thinking and reacting quickly out of fear, to avoid a bad credit record or the inconvenience of having their account placed on hold. Example: 'permanent account suspension'

Scams exploit the way people have become enticed by reward programmes, discounts and monetary gain. For instance, loyalty reward programmes habituate people into wanting to improve their perceived status (from gold to platinum membership) as it provides them with tangible monetary benefits, and feelings of distinctiveness. Example: ‘13,000 Christmas Rewards’

Scams also use transaction salience – that is, the mimicking of a transaction that appears relevant and important to a person at a point in time. For instance, tax related frauds are more likely to surface during the tax season. Example: ‘SARS Payment’

TRUST LURES

Trust plays an important role in establishing compliance behaviour. For example, since a person is likely to interact frequently with an organization such as a bank, they are more likely to have built enough trust over time and identify strongly with the organization. As a result, people tend to rely on shortcuts to make future decisions with such organizations.

Furthermore, because a person relies on past experience and affiliation, and because organizations such as banks send their customers frequent legitimate email, these relationships are an ideal target for fraudsters.

Fraudsters use three broad criteria for instilling trust. The first trust criterion is familiarity. This means that a customer feels as if the email they are reading is authentic and credible, and so they believe and have confidence in it.

Second, the phishing email appears to be similar to previous emails. For example, since banks have a large customer base and are popular brands, fraudsters have easy access to previous emails or brand information, which they can use to mimic previous correspondence.

Third, the design of the email has a professional look and feel. To elaborate, the email has a clean and consistent design, consistent graphic design and use of fonts, is easy to read and adheres to proper grammar and spelling conventions.

While trust lures are used to enhance the credibility and authenticity of many scams, both trust and urgency lures are often used together. However, my colleagues and I believe that it is mainly the urgency lures that make victims vulnerable.

SPOTTING THE FLAWS IN THE BAIT

Do not get hooked by crooks. Assess carefully. Many scams do not use the organization's logos or corporate colours, have sloppy spelling and grammar, and make little attempt to disguise the sender's email domain name. The absence of these flaws proves nothing, however: as noted above, the better scams copy the organization's design and grammar exactly.

Furthermore, scams tend to refer to the client in general terms such as 'Dear Valued Customer', 'Valued Clients' or 'Dear Client', whereas the standard practice at professional organizations is a personalised greeting such as 'Dear <Title> <Firstname/Preferred name> <Surname>'.

Many scams also use typographic devices such as exclamation marks (!) and CAPITAL LETTERS to prime urgency, a practice that legitimate organizations are unlikely to employ.

These kinds of distrust cues should trigger you to swim away.

YOUR DEFENSE: PERSONAL DECISION FILTERS TO IGNORE URGENCY AND TRUST LURES

It is generally best to ignore and even delete these emails.

  • If you are susceptible to urgency cues, set aside email involving transactions (requiring personal details or account information) by moving it into a special queue and processing it later, when the situation is calmer and there is time to make an informed analysis of the situation. THEN DELETE IT!

Introduce further steps in processing transaction-related emails:

  • by viewing the organization’s archives of scams (However self-reliance is perhaps a better approach as organizations are sometimes slow to update their latest scam list).
  • by calling the organization directly, using a phone number from a legitimate source (never one given in the email itself), and asking for advice.

Look for distrust cues mentioned above (from, to, date, subject, content, links and attachment components).

  • Assess trust cues. Is the correspondence consistent with the organization it claims to come from? It may help to keep the organization's previous genuine emails as exemplars for comparison.
  • Do not click on any link from a suspicious email to avoid the risk of activating key logging software or viruses.
  • Do not provide your personal details or account information via email.
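The distrust cues listed above (sender domain, generic salutation, urgency wording, exclamation marks and capitals, and links that do not go where they claim) can be checked mechanically before a person ever reads the message. The following is an added example, not code from the original article: a small Python scorer run over two constructed sample emails. The bank, its domain examplebank.example, the trusted-domain set, the keyword lists and the threshold are all assumptions for illustration.

```python
"""Heuristic phishing-cue scorer: an added example, not the article's own code.
It scores a raw e-mail for the distrust cues listed above (untrusted sender domain,
generic salutation, urgency words, shouting, link text/destination mismatch).
The trusted-domain set and both sample messages are constructed for this example."""
import re
from email import message_from_string
from email.utils import parseaddr
from urllib.parse import urlparse

TRUSTED_DOMAINS = {"examplebank.example"}  # assumption: the fictional bank's only domain
GENERIC_SALUTATION = re.compile(
    r"\bdear\s+(?:valued\s+)?(?:customers?|clients?|members?|users?)\b", re.I)
URGENCY_TERMS = re.compile(
    r"\b(?:immediately|within\s+\d+\s+hours?|suspen(?:d|ded|sion)|urgent(?:ly)?"
    r"|verify\s+now|act\s+now|final\s+notice|permanent(?:ly)?)\b", re.I)
TAG, SHOUT_WORD = re.compile(r"<[^>]+>"), re.compile(r"\b[A-Z]{4,}\b")
# (href, inner HTML) of each anchor; fine for these samples, a real filter should use html.parser
ANCHOR = re.compile(r"<a\b[^>]*\bhref=[\"']([^\"']*)[\"'][^>]*>(.*?)</a>", re.I | re.S)


def host_of(url):
    """Hostname of a URL; bare 'www.x.y/path' link text is given a scheme first."""
    return (urlparse(url if "://" in url else "http://" + url).hostname or "").lower()


def registrable(host):
    """Crude registrable domain, the last two labels (assumption: no public-suffix list)."""
    return ".".join(host.rstrip(".").split(".")[-2:])


def body_text(msg):
    """Decoded body of the message, or of its first text part if it is multipart."""
    part = next((p for p in msg.walk() if p.get_content_maintype() == "text"), msg)
    payload = part.get_payload(decode=True) or b""
    return payload.decode(part.get_content_charset() or "utf-8", "replace")


def score_message(raw):
    """Return (score, cues): one cue per distrust signal found; the score is their count."""
    msg, cues = message_from_string(raw), []
    # From and Reply-To must belong to the organisation the mail claims to come from.
    _, sender = parseaddr(msg.get("From", ""))
    sender_dom = registrable(sender.split("@")[-1]) if "@" in sender else ""
    if sender_dom not in TRUSTED_DOMAINS:
        cues.append(f"sender domain {sender_dom!r} is not trusted")
    _, reply = parseaddr(msg.get("Reply-To", ""))
    if "@" in reply and registrable(reply.split("@")[-1]) != sender_dom:
        cues.append("Reply-To points to a different domain than From")
    html = body_text(msg)
    text = TAG.sub(" ", html)
    subject_and_text = msg.get("Subject", "") + " " + text
    if GENERIC_SALUTATION.search(text):
        cues.append("generic salutation instead of the customer's name")
    urgency = sorted({m.group(0).lower() for m in URGENCY_TERMS.finditer(subject_and_text)})
    if urgency:
        cues.append("urgency language: " + ", ".join(urgency))
    if subject_and_text.count("!") >= 2 or len(SHOUT_WORD.findall(subject_and_text)) >= 2:
        cues.append("shouting (exclamation marks or capitals) used to prime urgency")
    # Links: visible text naming one site while the href really goes to another.
    for href, inner in ANCHOR.findall(html):
        shown_text, target = TAG.sub(" ", inner).strip(), registrable(host_of(href))
        if re.match(r"(?:https?://|www\.)", shown_text, re.I):
            shown = registrable(host_of(shown_text))
            if shown != target:
                cues.append(f"link shows {shown!r} but points to {target!r}")
        if target not in TRUSTED_DOMAINS:
            cues.append(f"link destination {target!r} is not trusted")
    return len(cues), cues


def classify(raw, threshold=3):
    """Flag a message once several cues co-occur (the threshold is an assumption)."""
    return "suspicious" if score_message(raw)[0] >= threshold else "looks legitimate"


# Constructed samples: a lure built from the article's cues, and a plain statement notice.
PHISHING_SAMPLE = """\
From: "ExampleBank Security" <alerts@examplebank-secure.example>
Reply-To: verify@mailbox.example
Subject: URGENT: Permanent account suspension!!!
Content-Type: text/html; charset=utf-8

<html><body><p>Dear Valued Customer,</p>
<p>Your account will be PERMANENTLY SUSPENDED within 24 hours unless you verify now.</p>
<p><a href="http://examplebank.example.login-check.example/verify">https://www.examplebank.example/login</a></p>
</body></html>
"""
LEGITIMATE_SAMPLE = """\
From: "ExampleBank" <notifications@examplebank.example>
Subject: Your March statement is available
Content-Type: text/html; charset=utf-8

<html><body><p>Dear Ms Dlamini,</p>
<p>Your statement for March is now available in internet banking.</p>
<p><a href="https://www.examplebank.example/statements">View statements</a></p>
</body></html>
"""
```

Calling score_message(PHISHING_SAMPLE) returns seven cues (untrusted sender domain, mismatched Reply-To, generic salutation, urgency wording, shouting, a link whose text names examplebank.example but whose destination is login-check.example, and an untrusted destination), while the statement notice returns none. The score is only a sum of the cues the article names: a message with no cues is not thereby safe, since a carefully crafted lure copies the organization's design and grammar, so a clean score should lower suspicion, not end it.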

Fraudsters are constantly adapting their urgency and trust lures to deceive people. Don’t be another victim.

Don't allow your lizard brain to succumb to flattery, greed or fear.

Be vigilant and good luck out there.

(Based on a paper presented at the 10th International Conference on Cyber Warfare and Security ICCWS-2015)
