Principles of persuasion in social engineering and their use in phishing

Ana Ferreira*, Lynne Coventry, Gabriele Lenzini

*Corresponding author for this work

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

45 Citations (Scopus)

Abstract

Research on marketing and deception has identified principles of persuasion that influence human decisions. However, this research is scattered: it focuses on specific contexts and produces different taxonomies. In regard to frauds and scams, three taxonomies are often referred to in the literature: Cialdini’s principles of influence, Gragg’s psychological triggers, and Stajano et al.’s principles of scams. It is unclear whether these relate, but clearly some of their principles seem overlapping whereas others look complementary. We propose a way to connect those principles and present a merged and reviewed list for them. Then, we analyse various phishing emails and show that our principles are used therein in specific combinations. Our analysis of phishing is based on peer review and further research is needed to make it automatic, but the approach we follow, together with the principles we propose, can be applied more consistently and more comprehensively than the original taxonomies.

Original language: English
Title of host publication: Human Aspects of Information Security, Privacy and Trust
Subtitle of host publication: Third International Conference, HAS 2015 Held as Part of HCI International 2015, Los Angeles, CA, USA, August 2-7, 2015, Proceedings
Editors: Theo Tryfonas, Ioannis Askoxylakis
Place of Publication: Cham
Publisher: Springer
Pages: 36-47
Number of pages: 12
ISBN (Electronic): 9783319203768
ISBN (Print): 9783319203751
Publication status: Published - 21 Jul 2015
Externally published: Yes
Event: 3rd International Conference on Human Aspects of Information Security, Privacy and Trust, Held as Part of 17th International Conference on Human-Computer Interaction, HCI International 2015 - Los Angeles, United States
Duration: 2 Aug 2015 to 7 Aug 2015
Conference number: 3rd

Publication series

Name: Lecture Notes in Computer Science (LNISA)
Publisher: Springer
Volume: 9190
ISSN (Print): 0302-9743
ISSN (Electronic): 1611-3349

Conference

Conference: 3rd International Conference on Human Aspects of Information Security, Privacy and Trust, Held as Part of 17th International Conference on Human-Computer Interaction, HCI International 2015
Abbreviated title: HAS 2015
Country/Territory: United States
City: Los Angeles
Period: 2/08/15 to 7/08/15

Keywords

  • Social engineering
  • Principles of persuasion
  • Phishing emails
