SOFTWARES AND SOFT WORDS –
CYBERCRIME AS A TECHNICAL AND SOCIAL PHENOMENON
PART 3: SOFT WORDS – THE CRIMINALS AS SOCIAL ENGINEERS
In the previous part we have established that the software the criminals use, while efficient, are not necessarily very complicated. The idea of an omnipotent hacker being able to break any laws of logic with his neuro-linked computer and holographic interface is a product of science fiction. Technically the cyber criminals should often not even be called “hackers” since they are not “hacking” at all. As we observed previously, they are instead making you willingly give them what they want. These criminals are engineers, and the subject they are engineering is you, not your computer. This brings us to the concept of social engineering, the other foot of the cybercrimes.
Previously we have discussed the importance of common sense and how it keeps us safe. We remember that our instinct makes us avoid dark streets. The criminal social engineering is the enemy of our common sense. It attacks us in three ways. In the first form it aims to make us believe there is no dark street. In the second form it aims to make us believe that going to the dark street is in fact a good idea. And in the third form it tries turning our common sense upside down: it makes us believe that the well-lit and populated street is the danger that we should run away from in order to find safety in the dark street!
This form of social engineering exploits our willingness to believe familiar signs. When we are led to a website that looks familiar to us, we feel safe exactly because it is familiar. We do not question the signs and we do not notice the small mistakes discussed previously. In real life the dark street is obviously a dark street. On the internet, it is far less obvious, and when we see something that looks familiar to us, our mind tells us it is safe without taking that crucial second look that we would always take in reality.
This false sense of security is often combined with a false sense of danger. The emails claim that you should immediately log in to your account because there is an imminent danger that will threaten you if you do not do it at once. Sometimes the criminals may even call your phone and appeal to this danger in order to make you give up your private information. Such urgency leaves you no time to think or to take another look. This approach anticipates that your mind will panic, rush and make hasty decisions that will lead you directly into a trap.
Social engineering is dangerous, but also fairly easy to avoid. When in doubt, always ask yourself if there’s the possibility that someone is trying to manipulate you. Stay calm; do not panic. Give your common sense a moment to catch on and it will protect you on the internet just as it does in real life.