It seems all it takes for 75 percent of hackers and IT security professionals to hand over their personal online information is the seductive ways of a woman.
One would hope that IT workers on the frontlines of cybersecurity, as well as the technically adept hackers they battle, would know not to disclose personal information to a stranger they meet online. But that's not the case, according to a new study by the security firm Bitdefender, which found that both groups are likely to hand over their personal details to the right online "friend," especially if that friend is a woman.
Bitdefender researcher Sabina Datcu used a sample pool of 100 people, half from the IT security industry and the other half online criminals she found on underground cybercrime forums. To test how susceptible both groups were to scammers trolling for their online credentials such as passwords and phone numbers, Datcu created a fake profile of a 25-year-old woman, and then tailored it to each target group.
So while the fake woman's photos and information remained the same, for the IT experts, the woman's interests included security, psychology and literature, PCWorld reported. For the hackers, the woman was interested in psychology, reading news, "trying new things" and, of course, hacking.
After engaging the IT professionals and the hackers in an ongoing conversation online, Datcu's test subjects began to trust the "woman" they were chatting with, and, eventually, the woman duped 75 percent of the survey subjects into handing over personal information such as addresses, phone numbers, details about their children and their parents' names. Thirteen percent of the IT experts even sent the fake online woman various passwords to their online accounts.
Datcu presented her study at this month's Virus Bulletin Conference in Barcelona, Spain. In her description on the conference website, Datcu explained how the rules of people's behavior — even the people who make their living keeping computers and their users safe — suddenly change when they get online.
"No matter what 'side of the fence' they are on, people will behave the same: as though the virtual environment creates a second life, entirely different from the real one — they are willing not only to accept unknown persons inside their group just based on a nice profile, but also to reveal sensitive information (about their company, themselves and other persons) after a short online conversation."