Factors in Fraudulent Emails that Deceive Elderly People

  • Jean-Robert Nino
  • Gustav Enström
  • Alan R. Davidson
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 10297)

Abstract

Fraud over the Internet is an increasingly common phenomenon and very common in the form of emails. Though new forms of fraud appear, it is important to look at common denominators that have so far come to light, and try to determine how they should be addressed in order to create a safer stay for everyone on the Internet. With this as motivation, and with a special eye to groups that may be considered especially vulnerable, this study aims to investigate what factors in fraudulent emails that people aged 65 and older have difficulty identifying when they meet them.

The increasing use of the Internet, the target group’s vulnerability, and the increasing use of technology in everyday life imply that this kind of fraud is likely to be borne by society to an ever increasing extent. These factors paint a disturbing picture of how the situation is today and the direction in which the phenomenon is headed. It is therefore of interest to clarify which factors come into play in successful attacks against the target group in order to target countermeasures against this form of fraud. To accomplish this, a survey was conducted among residents of a nursing home and members of a Swedish national senior citizen organisation. The results from 122 respondents to our digital questionnaire show that the importance of technical factors in fraudulent email needs to be clarified for the studied group in order for them to make better, accurate assessments of the emails that they meet. The most common factor that the respondents failed to identify were links in the email that looked untrustworthy.

Keywords

Fraud Phishing Elderly people Email Social engineering IT-Security in society Cybercrime Trust 

References

  1. 1.
    Blythe, M., Clark, J., Petrie, H.: F for fake: four studies on how we fall for phish. In: ACM CHI Conference on Human Factors in Computing Systems, May 2011. http://citeseerx.ist.psu.edu/viewdoc/download;jsessionid=570414C69898DD2FA38D113C50EA27D3?doi=10.1.1.300.1855&rep=rep1&type=pdf. Accessed 03 Mar 2016
  2. 2.
    Kothari, C.R.: Research Methodology: Methods and Techniques. Google: New Age International (P) Limited, London (2004)Google Scholar
  3. 3.
    Carlson, E.: Phishing for elderly victims: as the elderly migrate to the internet fraudulent schemes targeting them follow (2007). http://publish.illinois.edu/elderlawjournal/files/2015/02/Carlson1.pdf. Accessed 17 May 2016
  4. 4.
    Dagens Industri: Varning för virusmejl från “Postnord” (2015). http://www.di.se/artiklar/2015/9/25/varning-for-virusmejl-fran-postnord/. Accessed 05 Mar 2016
  5. 5.
    Federal Bureau of Investigation. (n.d). common fraud schemes. FBI. https://www.fbi.gov/scams-safety/fraud/seniors. Accessed 24 Jan 2016
  6. 6.
    Google. (n.d.)a. Get started with forms. Google. https://apps.google.com/learning-center/products/forms/get-started/. Accessed 18 May 2016
  7. 7.
    Google. (n.d.)b. Welcome to Gmail. Google. https://www.google.com/intl/en/mail/help/about.html. Accessed 18 May 2016
  8. 8.
    Hadnagy, C.: Social Engineering: The Art of Human Hacking. Wiley, Indianapolis (2010)Google Scholar
  9. 9.
    Lind, J.: Polisen chanslös när bedrägerier ökar lavinartat. Dagens nyheter (2014). http://www.dn.se/nyheter/sverige/polisen-chanslos-nar-bedragerier-okar-lavinartat/. Accessed 02 June 2016
  10. 10.
    Lumsden, J.: Guidelines for the Design of Online Questionnaires. Researchgate (2005). https://www.researchgate.net/publication/44079032_Guidelines_for_the_Design_of_Online-Questionnaires. Accessed 09 June 2016
  11. 11.
    Microsoft: add a hyperlink to an email message (2016). https://support.office.com/en-us/article/Add-a-hyperlink-to-an-email-message-48780838-1b3d-4def-8612-03100491024c. Accessed 17 May 2016
  12. 12.
    Microsoft. (n.d.). Ransomware. Microsoft. https://www.microsoft.com/security/portal/mmpc/shared/ransomware.aspx. Accessed 18 May 2016
  13. 13.
    Milletary, J.: Technical trends in phishing attacks. Carnegie Mellon University, USA (2005). https://resources.sei.cmu.edu/asset_files/WhitePaper/2005_019_001_50315.pdf. Accessed 18 May 2016
  14. 14.
    Mitnick, K.: The Art of Deception. Wiley Publishing, Indianapolis (2002)Google Scholar
  15. 15.
    National Crime Prevention Council: Bedrägerier och ekobrott. National Crime Prevention Council (2016). https://www.bra.se/bra/brott-och-statistik/bedragerier-och-ekobrott.html. Accessed 30 Mar 2016
  16. 16.
    Palmqvist, D.: Social-engineering ett hot mot informationssäkerheten? Sweden: Växjö University (2008). http://lnu.diva-portal.org/smash/get/diva2:205870/FULLTEXT01.pdf. Accessed 05 Feb 2016
  17. 17.
    Sheng, S., Holbrook, M., Kumaraguru, P., Cranor, L., Downs, J.: Who falls for phish? A demographic analysis of phishing susceptability and the effectiveness of interventions. Carnegie Mellon University, USA. Indraprastha Institute of Information Technology, India (2010). http://lorrie.cranor.org/pubs/pap1162-sheng.pdf. Accessed 25 Apr 2016
  18. 18.
    The Swedish Police: Vanliga nätbedrägerier. Polisen.se (2016). https://polisen.se/Utsatt-for-brott/Skydda-dig-mot-brott/Bedrageri/Vanliga-natbedragerier/. Accessed 15 May 2016
  19. 19.
    Tsow, A., Jakobsson, M.: Deceit and deception: a large user study of phishing. Indiana University Bloomington, USA (2007). http://www.cs.indiana.edu/pub/techreports/TR649.pdf. Accessed 02 May 2016
  20. 20.
    United States Computer Emergency Readiness Team: recognizing and avoiding email scams. USCERT. https://www.us-cert.gov/sites/default/files/publications/emailscams_0905.pdf. Accessed 03 May 2016
  21. 21.
    Youngblood, J.: A Comprehensive Look at Fraud Identification and Preventions. CRC Press, New York (2015)Google Scholar

Copyright information

© Springer International Publishing AG 2017

Authors and Affiliations

  • Jean-Robert Nino
    • 1
  • Gustav Enström
    • 1
  • Alan R. Davidson
    • 1
  1. 1.Department of Computer and Systems SciencesStockholm UniversityStockholmSweden

Personalised recommendations