The psychology of phishing: why do we fall for terrible email scams?

Posted in cybercrime/malcode, finance

This is an article from 2014, but it’s interesting — especially for why phishing emails are so lame. Money quote:

‘The answer is that the implausibility is a useful tool for the scammers. An entirely believable email would get millions of people falling for the bait – most of whom would catch on later when the scammers started requesting private banking details. This way, the fraudsters can avoid wasting their time on no-hopers, knowing that any replies they do receive are …’


Maybe your bank wants you to update your password; maybe a new Facebook friend wants to show you a funny web page. Maybe a Nigerian lawyer wants to pass on a legacy from a long-lost relative.

What all of these people are really after, of course, are your password, bank details and, ultimately, money. Such phishing scams, says Microsoft, are costing the world as much as $5bn a year. For some reason, the UK is a favourite hunting ground for the phishers: here, says security firm Proofpoint, unsolicited email is almost three times more likely to contain a malicious link than in the US.

But who falls for these scams? Well, you do. While it’s easy to assume that only the technologically illiterate will be vulnerable, new research shows that in fact the reverse is true.