- This topic has 1 reply, 1 voice, and was last updated 5 years, 5 months ago by .
Tagged: phishing
How do attackers use scarcity principle in social engineering?
People tend to want things that they think is limited in supply, exclusive or not easily available. For example, if someone goes to a shop and sees some discount is getting offered, the person is more likely to buy the item if he is told the discount is for limited time period only or the discount ends today. And attackers often exploit this in social engineering.
Let’s say, attackers send a phishing email to a victim. The email purportedly comes from a reputed ecommerce company and shows 60-70% discounts on some popular items. When a user falls victim and clicks on a buy now link, the victim is redirected to a fraudulent ecommerce website that looks quite similar to the original one. This is a good example of scarcity. Here attackers deceive a victim in believing that the popular items are scarce and heavily discounted.
Another example is a phishing email that informs a victim that the victim has won some lottery or lucky draw or some prince from some country wants to share his fortune with the victim. Here attackers are deceiving a victim in believing that the offers are exclusive to the victim.
Another good example of using scarcity in social engineering would be a phishing email that informs a victim that his account is about to be disabled and in order to prevent this happening the victim should click on a link and verify his information within 24 hrs. Here attackers create a sense of urgency by making a victim believe that the victim has only limited time in hand by which he has to provide his information and failing which his account will be disabled. Thus attackers often use scarcity principle in creating a sense of urgency to victims.
So, a phishing email that informs a recipient that his account is about to be disabled as his payment information could not be verified and hence the recipient should click on a link and provide his payment information within 24 hrs. is also an example of using scarcity principle in social engineering.
Hope this helps.
by Amrita Mitra | October 3, 2023 | Featured, Linear Algebra | 0 Comments
by Amrita Mitra | October 3, 2023 | Featured, Linear Algebra | 0 Comments
by Amrita Mitra | October 3, 2023 | Featured, Linear Algebra | 0 Comments
by Amrita Mitra | October 3, 2023 | Featured, Linear Algebra | 0 Comments
by Amrita Mitra | October 3, 2023 | Featured, Linear Algebra | 0 Comments
by Amrita Mitra | October 3, 2023 | Featured, Linear Algebra | 0 Comments
by Amrita Mitra | October 3, 2023 | Featured, Linear Algebra | 0 Comments
by Amrita Mitra | October 3, 2023 | Featured, Linear Algebra | 0 Comments
by Amrita Mitra | October 3, 2023 | Featured, Linear Algebra | 0 Comments
by Amrita Mitra | October 3, 2023 | Featured, Linear Algebra | 0 Comments
Please follow the link below to register for The Security Buddy.