Customize Consent Preferences

We use cookies to help you navigate efficiently and perform certain functions. You will find detailed information about all cookies under each consent category below.

The cookies that are categorized as "Necessary" are stored on your browser as they are essential for enabling the basic functionalities of the site. ... 

Always Active

Necessary cookies are required to enable the basic features of this site, such as providing secure log-in or adjusting your consent preferences. These cookies do not store any personally identifiable data.

No cookies to display.

Functional cookies help perform certain functionalities like sharing the content of the website on social media platforms, collecting feedback, and other third-party features.

No cookies to display.

Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics such as the number of visitors, bounce rate, traffic source, etc.

No cookies to display.

Performance cookies are used to understand and analyze the key performance indexes of the website which helps in delivering a better user experience for the visitors.

No cookies to display.

Advertisement cookies are used to provide visitors with customized advertisements based on the pages you visited previously and to analyze the effectiveness of the ad campaigns.

No cookies to display.

Banner Left
Banner Right

Catching online scammers, new models combine data, behavioural science

When fiction’s most famous detective, Sherlock Holmes, needed to solve a crime, he used his sharp observational skills and deep understanding of human nature to face off against his arch-nemesis, Dr James Moriarty, a villain adept at exploiting human weaknesses.

Like Moriarty, cybercriminals use cunning strategies to exploit their victims’ psychological vulnerabilities, often emails or messages that appear to be from trusted sources such as banks, employers, or friends. These messages may contain urgent requests or alarming information to provoke an immediate response.

For example, a phishing email might claim there has been suspicious activity on a victim’s bank account and prompt them to click on a link to verify their account details. Or individuals are manipulated into divulging confidential information to compromise their own or a company’s security.

Recently, I worked with Shiven Naidoo, a master’s student in data science, to understand how behavioural science and data science could join forces to combat cybercrime.

COMBINING DISCIPLINES

Data science uses scientific methods, processes, algorithms and systems to extract knowledge and insights from structured and unstructured data. The behavioural sciences study human behaviour, considering principles that influence decision-making and compliance.

We drew extensively from United States psychologist Robert Cialdini’s social influence model in our study which has been applied in cybersecurity studies to explain how cybercriminals exploit psychological tendencies.

Cybercriminals exploit humans’ tendency to be obedient to authority by impersonating trusted figures to spread disinformation. They also exploit urgency and scarcity to prompt hasty actions, or the tendency to follow the actions of those similar to us.
COMBINING INSIGHTS

Our data consisted of known scams such as phishing and other malicious activities. It’s tough to draw insights from unstructured data. Models can’t easily discern between meaningful data points and those that are irrelevant or misleading (we call it “noisy data”). Data scientists rely on feature engineering to cut through the noise.

We used domain knowledge from behavioural science to engineer and label meaningful features in unstructured scam data. Scams were labelled based on how they used Cialdini’s social influence principles. For example, a phishing email might use the principle of urgency by saying “your account will be locked in 24 hours if you do not respond!”.

The results showed that certain social influence principles such as “liking” and “authority” were frequently used together in scams. We also found that phishing scams often employed a mix of several principles. This made them more sophisticated and harder to detect.

The results gave us valuable insights into how often different types of social influence principles (such as urgency, trust, familiarity) are exploited by cybercriminals.

Our results are invaluable for mining insights from complex cybercrime data. This kind of analysis can be used by cybersecurity professionals, data scientists, cybersecurity firms and organisations involved in cybersecurity research to improve automated detection systems and inform targeted training.

Stay informed with The Namibian – your source for credible journalism. Get in-depth reporting and opinions for only N$85 a month. Invest in journalism, invest in democracy –
Subscribe Now!

Latest News