Context
Problem
The internet has allowed fraudsters to reach great number of people cost free. Fraud losses run into billions and usual fraud prevention measures are not enough. How do we educate and protect people from fraud victimization?
Solution
If there was a psychometric measure that pinpoints individual vulnerability to fraud offers, people would be able to get personal feedback and fraud prevention advice based on their individual vulnerabilities, rather than generic advice.
There’s a need to understand why some people are vulnerable to fraud offers and others aren’t, as this understanding could potentially lead to better fraud prevention and education. We are all vulnerable to fraud to some degree so anyone could benefit from knowing what makes them vulnerable.
People become fatigued when bombarded with fraud prevention
Abundance of advice online is overwhelming
Conflicting advice from different sources -
users cannot discern what is hi quality and
what is dated advice‘Do this’ or ‘Don’t do this’ advice, without explanation is largely ignored
Advice concentrates on frauds in operation after they happen and not on individual vulnerabilities
Knowing what areas of vulnerability are specific to them, may foster curiosity and engage people on a personal level and enables fraud prevention agencies to deliver targeted advice.
Outcome
Discovered valuable insights on fraud vulnerabilities and reasons why compliance with fraud offers happen
Designed and validated a measure of fraud susceptibility
Successfully validated the effectiveness of the measure through two different experiments mimicking real life scam situations
Key insights from the experiments
Previous fraud victims exhibited susceptibility
to fraudSusceptibility to phishing attacks can
be predictedPeople susceptible to fraud are more likely
to exhibit the Barnum effect
Key insights from Interviews
Scam experience has different stages
There are precursors influencing fraud compliance
Fraud vulnerability is down to combination of factors that are unique to each person
Fraud victims create avoidance strategies
Fraud leads to long term consequences
Project journey map and methods
Discover
Through interviews, participants were encouraged to develop their own narratives, however the goal was to cover predetermined themes. Initial codes were generated during transcription and finalized through iterative process of organizing the data into themes and sub-themes.
Design questions
Key insights gathered through the interviews with victims of fraud helped in formulating the concept of ‘vulnerability’. A total of 60 questions was generated around interview findings and the relevant literature on fraud.
Validate, refine, analyze and validate again
Questions were distributed to experts in field and fraud victims so they can validate them for applicability to fraud situations. Once questions were refined, large scale survey allowed us to develop the Susceptibility to Fraud measure.
I used ratings and qualitative comments to evaluate each question. Questions with low ratings were discarded, and some were improved based on feedback. The questions that made it into the survey were factor analyzed, which identified 5 separate factors that could be influential when it comes to fraud.
The measure was then validated across two large scale surveys, with a scam proxy measures, which I discuss along the findings.
Key insights - Interview study
Scam experience has different stages
Once collated and organized into themes and sub-themes, the data revealed that fraud victims typically go through different stages. These stages start with precursors to the scam, through the commitment stage, where they are in contact with the scammer, and an aftermath.
There are precursors
influencing fraud compliance
Life circumstances can make one more likely to engage with fraudulent offers. Lack of funds can lead to greater acceptance of risk.
Sam - interview participant
Greg - interview participant
Certain factors combine to create a perfect storm
Once a person is engaged (committed to the fraud offer), they can be influenced by different factors. These factors can be their own vulnerabilities (e.g. emotional reaction to the offer or inability to say no) or those pertaining to the perpetrator (e.g. scam and persuasion techniques used).
There are avoidance strategies
Fraud victims often implement behavioral strategies following victimization, in order to protect themselves in the future. This includes being more cautious online or less impulsive.
Some people are also able to recognize their vulnerabilities and compensate for them, avoiding scam situations as a result.
Fraud leads to long term consequences
Fraud leaves victims with more than financial consequences: psychological distress, anger, need for closure, resolution and justice, as well as loss of trust in society.
Bill and henry - interview participants
Although this insight did not influence questionnaire construction, it was an important discovery as it helped inform fraud prevention specialists how to manage victims’ expectations better.
Key insights - survey experiments
Measuring fraud vulnerability
Measuring fraud vulnerability is hard. You have to lie to participants and it’s unethical and previous research that did that, found out the hard way that people hate it. Other studies used scam examples, asking participants if they would respond, but what people say and do are two different things. So it took some creativity to come up with an idea of what would make a good measure of fraud vulnerability (i.e. act as a scam).
Stimuli
Since phishing emails are so omnipresent, I used Apple phishing email alongside the real Apple email as stimuli in the study. I asked participants in the study to decide if each was real or fake.
The goal was to see if this measure can predict fraud victims by indicating certain areas of vulnerability. Also who would be vulnerable to phishing attacks.
Previous fraud victims exhibit specific fraud vulnerabilities
People may have specific vulnerabilities when it comes to fraud. Participants that reported being victims of fraud were more compliant, impulsive and invested less time in decision making. Why is this important? Take compliance for example: a person realizes they are doing something that may not be good for them, they just find it easier to comply with requests, for whatever reason (e.g., politeness). Scammers often exploit this. Being impulsive and spending less time on making decisions leads to decisions based on emotion rather than rational thought, so again, may make people more vulnerable.
Susceptibility to phishing attacks can be predicted
Compliance and impulsivity can be detrimental when it comes to phishing attacks. In the experiment, participants that were more compliant and impulsive were less able to spot a phishing email and the same was true for less vigilant participants and those that make faster decisions.
The Barnum effect - another type of fraud?
So the measure was good against phishing attacks but what about different scams? Again, it took some creativity to come up with an idea for a proxy scam and then I thought of the Barnum effect.
The Barnum effect is a cognitive bias connected to acceptance of vague personality feedback. This type of feedback is often given to people during psychic or clairvoyant readings or similar (e.g. palm readings, astrology, tarot etc.). It seems accurate because it can apply to virtually anyone.
In fact…
Bertram Forer, the psychologist who found the Barnum effect, used daily horoscopes to compile vague feedback for his experiment.
Once a person receives this vague feedback, which seems accurate, they are likely to trust any other feedback.
Positive feedback is also accepted as highly accurate, while negative feedback is rejected.
Examples of vague and positive personality feedback
The goal was to see if my fraud susceptibility measure can predict people that would think vague and positive statements were accurate. I used vague, positive and negative statements in this survey experiment. I split participants into two groups, according to ratings on my measure: high and low susceptibility.
People susceptible to fraud are more likely to exhibit the Barnum effect
As predicted, I found that overall, participants accepted vague and positive personality feedback and rejected the negative. But individuals who are susceptible to fraud were more likely to accept highly negative feedback, and this was particularly true if a person is also compliant.
Compliant individuals accepted negative feedback but also thought positive feedback was less true of them. This is important because it suggests that compliant individuals have an increased vulnerabilities and could be particularly vulnerable to frauds that work by making the person feel bad, such as extortions emails.
Unexpected insights
Redesigning fraud prevention
My newly developed measure of fraud susceptibility shows that fraud vulnerability can be highly individual and that people have different vulnerabilities, which can also differ according to circumstances. Integrating the key insights from several studies I conducted suggested that there could be better ways of tackling fraud prevention - by assessing vulnerability first.
Using the Model of Fraud Susceptibility to understand anatomy of the scam experience
Compliance with fraud offers will be more likely if certain factors are present.
Precursors
Circumstances or social pressures can influence fraud complianceIndividual characteristics
Once the offer is deemed appropriate, impulsivity or compliance can enhance vulnerability, while vigilance and taking longer to make decisions, decrease it. For example, potential victim may decide that it may be worth checking facts before a decision is made or they may decide to think things over.Erroneous belief that scams only happen to certain people
This can also enhance vulnerability by inspiring false confidence.
Model of fraud susceptibility developed by Dove (2018)
Download my thesis: https://researchportal.port.ac.uk/portal/files/13066355/M.Dove_Thesis.pdf
Once they are affected by fraud, people use strategies to avoid it
Although the offer looks attractive, they may be aware that, in the past, impulsive decisions led to undesirable outcomes so they delay decisions. This decreases emotional involvement and allows time for careful information processing.
Impact
Susceptibility to Fraud Scale is the first
of its kind and has been developed to
help online users avoid fraud situations
by understanding personal vulnerabilities.
The scale has been requested for use
by National Trading Standards - UK governmental body that investigates
fraud and concentrates on fraud
prevention and protection (read more).
Different parts of this research have been presented at following conferences:
First Annual Cyberpsychology Conference, De Montfort University, Leicester, UK (2013).
Social Networking in Cyberspace Conference, University of Wolverhampton, UK (2015).
Rethinking Cybercrime Conference, University of Central Lancashire, UK (2016).
Science Together: Science Postgraduate Research Conference, University of Portsmouth, UK (2016).
Silence of the Scams: Progress, Practice and Prevention Conference, Brunel University London, UK (2016).
National Trading Standards and Consumer Empowerment Alliance Conference, UK (2017).