Anna Collard, SVP of content strategy and evangelist for KnowBe4 Africa.
People are significantly more vulnerable to cyber crime when they are in weakened psychological states, such as hungry, angry, lonely or tired, as well as during shopping frenzies like Black Friday, when they are less likely to be vigilant.
Making matters worse, becoming a victim of cyber crime triggers further emotional distress.
Criminals deliberately target people when they are distracted, multitasking or emotionally triggered, says Anna Collard, SVP of content strategy and evangelist for KnowBe4 Africa.
“We become more impulsive. We click on things we shouldn’t be clicking on, and criminals will exploit that on purpose.”
Speaking during a recent Investec podcast, Collard explained that criminals exploit what psychologists call “the HALT problem,” when people are hungry, angry, lonely or tired, which leads to impulsive decisions.
Research from Hoxhunt, a human risk platform, has outlined times when people are most likely to be susceptible. People are 10 times more likely to click phishing links during working hours, when “actively working and engaged with e-mail during the day, creating more total opportunities for a malicious link to be clicked,” it says.
After-hours e-mail checking is also a problem because employees are twice as likely to click phishing links, rather than report them, outside normal business hours, the company says.
“When people check e-mails in their downtime, they’re often more relaxed or distracted, lowering their guard against suspicious messages. During weekends, that vulnerability appears to double,” Hoxhunt notes.
“This effect is potentially tied to users being less work-focused and more casual in their e-mail screening.”
Black Friday is a particularly high-risk period, Collard warned, “when phishing and WhatsApp scams spike”. The shopping event, originating as the Friday after US Thanksgiving during November, has evolved into a global phenomenon, with discount hype spanning the entire month.
Human risk management company CybSafe found similar patterns during the COVID-19 pandemic. Its research shows fear of the virus directly influenced the success of COVID-19-themed phishing scams, while “anxiety, stress and risk-taking influenced the success of both COVID-19-themed and common phishing scams”.
Research published on the National Library of Medicine’s PubMed Central platform found that, although physical crimes like housebreaking decreased during the pandemic, there was a “noticeable shift and surge towards online fraudulent activities”.
Phishing attacks quadrupled during the outbreak and continued escalating, increasing eightfold by 2022, the paper says.
“Fraudsters have often benefited from disasters,” the report states.
Collard adds that fraudsters exploit times of panic and stress directly. They will contact you via e-mail and say, “we’re from Apple, from Google, we noticed some suspicious activity, just verify your account details,” she notes.
Such phishing attempts can give criminals access to iTunes, WhatsApp and other services, enabling scams targeting friends and family, Collard says.
“There’s not one silver bullet” for security, Collard warns. Protecting yourself means layers of precaution, such as using near-field communications for point-of-sale-payments, a password manager, biometric security and virtual bank cards, even if this is inconvenient, she explains.
