Abstract
Financial literacy may not be as effective as previously thought in protecting against fraud victimisation. It does not inoculate investors from persuasion or social engineering tactics used by offenders to secure investment in fraudulent schemes. In fact, recent research indicates that overconfidence in investment knowledge may make individuals more susceptible to fraud. Using boiler room fraud as a case study, this article introduces the PREY (Profiled, Relational, Exploitable and Yielding) model to capture the psychological tactics used by fraud perpetrators to influence the thoughts and decision-making processes of individuals. The PREY model operationalizes the tenets of social engineering and demonstrates how such tactics could be re-engineered to increase the effectiveness of fraud prevention within the financial literacy context.
Similar content being viewed by others
References
Abraham, S. and Chengular-Smith, I. (2010) An overview of social engineering malware: Trends, tactics and implications. Technology in Society 32 (3): 183–196.
American Association of Retired Persons (AARP) (2007) Stolen futures: An AARP Washington survey of investors and victims of investment fraud. http://assets.aarp.org/rgcenter/consume/wa_fraud_07.pdf, accessed 23 February 2013.
American Association of Retired Persons (2008) Consumer fraud: A 2008 survey of AARP Colorado members’ experiences and opinions. http://assets.aarp.org/rgcenter/consume/co_fraud_08.pdf, accessed 23 February 2013.
American Association of Retired Persons (2011) AARP Foundation national fraud victim survey. http://assets.aarp.org/rgcenter/econ/fraud-victims-11.pdf, accessed 23 February 2013.
Applegate, S. (2009) Social engineering: Hacking the wetware!. Information Security Journal: A Global Perspective 18 (1): 40–46.
Australia and New Zealand Banking Group Limited (ANZ) (2011) Adult financial literacy in Australia, http://www.anz.com.au/resources/f/9/f9fc9800493e8ac695c3d7fc8cff90cd/2011-Adult-Financial-Literacy-Full.pdf.pdf?CACHEID=f9fc9800493e8ac695c3d7fc8cff90cd, accessed 20 May 2013.
Australian Crime Commission (ACC) and Australian Institute of Criminology (AIC) (2012) Serious and Organised Investment Fraud in Australia. Canberra, Australia: Australian Crime Commission and Australian Institute of Criminology.
Australian Securities and Investment Commission (ASIC) (2002a) International Cold Calling Investment Scams. Canberra, Australia: Australian Securities and Investment Commission.
Australian Securities and Investment Commission (2002b) Hook, Line and Sinker: Who Takes the Bait in Cold Calling Scams? Canberra, Australia: Australian Securities and Investment Commission.
Bakhshi, T., Papadaki, M. and Furnell, S. (2009) Social engineering: Assessing vulnerabilities in practice. Information Management and Computer Security 17 (1): 53–63.
Beaver, K. (2009) Social engineering. Security Technology Executive (April): 35–36.
Button, M., Lewis, C. and Tapley, J. (2009) Fraud Typologies and Victims of Fraud: Literature Review. London: Centre for Counter Fraud Studies.
Deevy, M., Lucich, S. and Beals, M. (2012) Scams, schemes and swindles: A review of consumer financial fraud research, Financial Fraud Research Center. http://fraudresearchcenter.org/wp-content/uploads/2012/11/Scams-Schemes-Swindles-FINAL_11.20.121.pdf, accessed 23 February 2013.
Gamble, K., Boyle, P., Yu, L. and Bennett, D. (2012) Aging, financial literacy and fraud. Social Science Research Network, http://ssrn.com/abstract=2165564 or http://dx.doi.org/10.2139/ssrn.2165564, accessed 25 February 2013.
Joo, S. (2008) Personal financial wellness. In: J.J. Xiao (ed.) Handbook of consumer finance research. New York: Springer.
Lusardi, A. (2012) Financial literacy and financial decision making in older adults. Journal of the American Society on Aging 36 (2): 25–32.
Malone, K., Stewart, S.D., Wilson, J. and Korsching, P.F. (2010) Perceptions of financial well-being among American women in diverse families. Journal of Family and Economic Issues 31 (1): 63–81.
Manske, K. (2000) An introduction to social engineering. Information Systems Security 9 (5): 53–59.
Mitnick, K. and Simon, W. (2002) The Art of Deception: Controlling the Human Element of Security. Indianapolis, IN: Wiley.
NASD Investor Education Foundation (2006) Investor fraud study: Final report, http://www.sec.gov/news/press/extra/seniors/nasdfraudstudy051206.pdf, accessed 25 January 2013.
National Fraud Authority (2012) Annual Fraud Indicator. London: Home Office.
Okenyi, P. and Owens, T. (2007) On the anatomy of human hacking. Information Systems Security 16 (6): 302–314.
Peltier, T. (2006) Social engineering: Concepts and solutions. Information Security and Risk Management 15 (3): 13–21.
Power, R. and Forte, D. (2006) Social engineering: Attacks have evolved but countermeasures have not. Computer Fraud and Security 2006 (10): 17–20.
Rusch, J. (1999) The social engineering of internet fraud, http://www.isoc.org/inet99/proceedings/3g/3g_2.htm, accessed 25 February 2013.
Sagarin, B.J., Cialdini, R.B., Rice, W.E. and Serna, S.B. (2002) Dispelling the illusion of invulnerability: The motivations and mechanisms of resistance to persuasion. Journal of Personality and Social Psychology 83 (3): 526–541.
Taskforce on Financial Literacy (2010) Canadians and their money: Building a brighter financial future, http://www.financialliteracyincanada.com/pdf/canadians-and-their-money-4-rec-eng.pdf, accessed 25 February 2013.
Thompson, S. (2006) Helping the Hacker? Library information, security and social engineering. Information Technology and Libraries 25 (4): 222–225.
Workman, M. (2007a) Wisecrackers: A theory-grounded investigation of phishing and pretext social engineering threats to information security. Journal of the American Society for Information Science and Technology 59 (4): 662–674.
Workman, M. (2007b) Gaining access with social engineering: An empirical study of the threat. Information Systems Security 16 (6): 315–331.
Workman, M. (2008) A test of security interventions for security threats from social engineering. Information Management and Computer Security 16 (5): 463–483.
Acknowledgements
The authors gratefully acknowledge the support of Detective Constable Michael Kelly, Financial Crimes Unit, Toronto Police Service.
Author information
Authors and Affiliations
Corresponding author
Rights and permissions
About this article
Cite this article
Drew, J., Cross, C. Fraud and its PREY: Conceptualising social engineering tactics and its impact on financial literacy outcomes. J Financ Serv Mark 18, 188–198 (2013). https://doi.org/10.1057/fsm.2013.14
Received:
Revised:
Published:
Issue Date:
DOI: https://doi.org/10.1057/fsm.2013.14