Abstract
Online fraud is ever-increasing with fraudsters who use a variety of platforms, like online employment classified advertisement databases, to defraud unsuspecting users. The literature suggests fraudsters achieve this by imitating legitimate individuals and organizations to deploy their SE characteristics and tactics for the purpose of gaining users' personal, sensitive and financial information for their own personal gain. The research objective of the current study is to explore the extent fraudsters' SE attacks, such as linguistic cues and tactics, differ depending on a user's online resume presentation on employment database websites. The current study uses a mixed methods analysis to quantify the qualitative data extracted from fraudsters who pretend to be legitimate employers/employment opportunities online. The findings suggest an association between unique fraudsters and fraud instances and the demographics of a featured resume profile. Additionally, the results indicate that a fraudster's technological ability and thus sophistication may influence SE characteristics, especially their tactics to defraud targets. The study emphasizes the critical role human behavior plays during an online fraud attack with recommendations for future research and policy. The findings suggest fraudsters socially learn and adapt to their online environment and consequently emphasize the importance of identifying offenders' ever-changing strategies to defraud users while educating potential targets.
Keywords: Online Fraud, Internet Fraud, Online Employment Fraud, Cybercrime
Introduction
Criminals increasingly use the internet to conduct online fraud. Specifically, criminals deploy socially engineering (SE) to conduct employment scams and identity theft to defraud suspecting users. SE is the use of the internet or internet-based technologies to intentionally deceive or manipulate users into divulging personal, sensitive, or financial information (Hadnagy, 2010, 2018; Hadnagy, 2019; Hadnagy & Schulman, 2021). The Internet Crime Complaint Center (2021) reports that employment scam losses have increased by 36.99% (from $45,487,120 to $62,314,015) from 2018 to 2020 (Internet Crime Complaint Center, 2021). Similarly, Identity theft losses have increased by 118.546% (from 100,429,691 to 219,484,699) from 2018 to 2020 (Internet Crime Complaint Center, 2021).
The increased prevalence of online fraud, like employment fraud and identity theft, can be attributed to the internet because criminals are not geographically restricted and therefore have a wide selection of targets. For example, a fraudster may feature a work-from-home employment opportunity to an online user, but in return, the target must provide personal, sensitive, and/or financial information in order to receive the position. As such, Jen Shah, who appeared in the popular series "Real Housewives," defrauded targets "to invest in dubious online projects and sold bogus business services from 2012" until 2022 (Feuerherd & Fitz-Gibbon, 2022). Additionally, research suggests fraudsters conduct identity theft and online fraud to evade law enforcement detection and cash-out illicit funds otherwise unavailable to them (Yip, Shadbolt, & Webber, 2013). Researchers have explored the SE tactics criminals deploy across platforms like romance databases and classified advertisements (i.e., eBay). Criminals have successfully conducted these scams because it is challenging to regulate human activities in global digital victimization (Holt, 2003).
To date, there are very few empirically published accounts of online employment fraud. Scholars examining online fraud have heavily relied upon self-reports and have primarily focused on criminals' SE tactics deployed on victims of fraud on romance databases (Cross, 2015; Cross, Dragiewicz, & Richards, 2018; Rege, 2009). Remarkably few studies have investigated criminals' tactics, such as the social engineering characteristics (i.e., linguistic cues) and tactics (i.e., phishing attacks) to defraud unsuspecting targets online (Lee, 2018; Leukfeldt & Holt, 2020; Maimon, Howell, & Burruss, 2021; Maimon, Santos, & Park, 2019), but specifically employment databases (Atkins & Huang, 2013; Conradt, 2012). The limited research exploring online fraud employment fraud only theoretically explains the phenomena (Conradt, 2012) or estimates the frequency of employment fraud attacks (Atkins & Huang, 2013).
The current study builds upon Conradt's (2012) initial theoretical application of socially learning with online fraud by concentrating on internet-based employment database fraud. Specifically, this study adds to the literature by first analyzing online employment fraudsters' imitation of legitimate employers (via social learning) within the online environment. Then, this study examines online fraudsters' SE characteristics (i.e., linguistic cues) and tactics (i.e., phishing attacks) through their use of imitation of legitimate employment opportunities (via employers), which is a critical element of social learning theory (see Conradt (2012), for an example of social learning applied to online fraud) to then explore the influence of target selection (i.e., victims) and the SE attack a fraudster deploys (Akers, 2009).
Literature Review
Online Fraud
Fraud is the deliberate deception that leads to personal and/or financial gain (Merriam-Webster, 2019). Fraud occurs within the digital and physical environment with online criminals who defraud other users to further their financial profits (Internet Crime Complaint Center, 2021; Kigerl, 2018). Online fraud is the use of "internet services or software with Internet access" to defraud individuals, organizations, or entities intentionally (FBI, n.d.).
Researchers have examined offenders' victims, characteristics, and tactics (Cross & Kelly, 2016; Holt et al., 2020; Huang, Stringhini, & Yong, 2015; Junger et al., 2017; Park et al., 2014; Pellón & Anesa, 2020; Rege, 2009). Specific to victims, Cross et al.'s (2018) research indicates that victims are psychologically manipulated with fear, isolation, and monopolization tactics. Rege (2009) supports this contention by demonstrating how fraudsters groom their victims into submission with promises of love. At the same time, Cross and Kelly's (2016) findings suggest that offenders' will modify their schemes "to entice the victim to continue sending money" (p. 815). A notable example of this is Cross and Holt's (2021) examination of fraudsters' narratives, which suggests fraudsters deploy limited to no narrative differences in romance scams to defraud targets. Specifically, there was not a difference in the narratives used by fraudsters' SE military backstories compared to fraudsters who used alternative backstories during romance scams (Cross & Holt, 2021; Putera & Huda, 2021; Wang et al., 2021; Yusni, Nasutiori, & Tan Kamello, 2021).
Consequently, it should not be surprising that research indicates fraudsters' characteristics (i.e., online personas) are similar in composition (Edwards, Peersman, & Rashid, 2017; Huang et al., 2015). Specifically, Huang and colleagues' (2015) research indicates that users presenting as females on dating websites are more likely to be fraudsters than those presenting as males. Similar to fraudsters, a few offenders are responsible for numerous scams. For instance, Park et al. (2014) discovered that only ten groups of scammers were responsible for approximately half of the Craigslist scams with phone numbers associated with fraudsters located in the United States and Nigeria. Likewise, Pellón & Anesa's (2020) findings suggest fraudsters will use words that elicit intimacy, sincerity, and urgency to build a relationship with their victim in online communications. The similarities in fraudsters' communication could be attributed to Rege's (2009) findings indicating that many online fraudsters participated in criminal networks sharing monetary funds and resources. Therefore, fraudsters' similarities are necessary to examine because the most prolific online fraud criminals use SE characteristics and tactics.
Social Engineering (SE)
Criminals use SE tactics to conduct their fraudulent schemes (Carnegie Mellon University, 2020; Hadnagy, 2010; Hatfield, 2018; Rege, Williams, & Mendlein, 2019). Specifically, fraudsters will intentionally act and interact with a target to influence an individual's actions, frequently resulting in sensitive and financial loss (Hadnagy, 2010; Rege et al., 2019). Criminals' SE tactics often involve pre-texting (Carnegie Mellon University, 2020; Krasauskas & Mačernytė-Panomariovienė, 2021).
Pre-texting is a type of SE attack where an offender creates a fake scenario to influence a target into disclosing personal, sensitive, and/or financial information (Carnegie Mellon University, 2020; Hadnagy, 2010). Pre-texting scenarios require offenders to build rapport with their targets to understand and comprehend the social and situational environment (Carnegie Mellon University, 2020; Hadnagy, 2010,2018; Hadnagy, 2019). Criminals often use pre-texting when deploying phishing attacks to establish credibility with a target and nudge the target into clicking on the deployed hyperlink (Ngambeki et al., 2021). Phishing is a type of SE attack where an offender impersonates a legitimate person, company, or governmental entity and sends an unsolicited hyperlink via email to a target that requests sensitive and financial information (Chiluwa & Anurudu, 2020; Workman, 2008). Like phishing, the key to these SE attacks is the routine activities users (i.e., offenders and victims) participate in online.
Research suggests successful SE attacks involve fraudsters deceptively nudging or persuading targets to engage in scams (Alkhalil et al., 2021). Specifically, fraudsters employ normative persuasion cues and strategies (see Whitty (2013)), like linguistic cues of authority, politeness, urgency, and delay, in a staged approach (Alkhalil et al., 2021; Atkins & Huang, 2013; Rouse, 2013). An example of this is Whitty's (2013) research identifying the authority cues offenders use to persuade targets of their legitimacy (Whitty & Buchanan, 2012). Similarly, Atkins and Huang's (2013) research suggests that 100% of fraudsters use authority cues to defraud victims. At the same time, 74% and 71% of fraudsters deploy cues of politesses and urgency to defraud targets, respectively (Atkins & Huang, 2013).
An overview of these attacks includes the planning, collecting of victims' information, and the acquisition phases (Alkhalil etai., 2021; Rouse, 2013). Specifically, the planning phase involves the offender preparing the scam tactic, like the software used to defraud the target. The offender will collect the target information in the information phase. Lastly, the offender illegally utilizes the victims' information in the acquisition phase (Alkhalil et al., 2021). A fraudster, for example, may sell victims' identities acquired from their fraudulent schemes to other fraudsters in the acquisition phase. Regardless of how fraudsters are able to exploit targets, the key to a fraudster's successful scheme is their ability to garner unsuspecting and unprotected targets' trust via communication (Whitty & Buchanan, 2012).
Routine Activities Theory (RAT)
Routine activities theory (RAT) has explained all forms of criminality, like online fraud. RAT, proposed by Cohen and Felson (1979), assert crime occurs when a capable offender, a suitable target, and the absence of guardianship converge in time and space. Originally, RAT was used to explain burglary rates in the U.S. post-World War II (see Cohen and Felson (1979)). Recently, RAT has been used to explain homicide, physical assault, sexual offenses, vandalism, larceny, environmental crimes, and cybercrimes (Choi, 2008; Corcoran, Zahnow, & Higgs, 2016; Henson, Reyns, & Fisher, 2011; Messner & Tardiff, 1985; Mustaine & Tewksbury, 1998, 2000; Pratt, Holtfreter, & Reisig, 2010; Stewart, Elifson, & Sterk, 2004; Wang et al., 2015; Williams, 2016).
Specific to cybercrime, Choi's (2008) research suggests a user's online behavior and physical guardianship (i.e., virus protection) were associated with victimization. Likewise, Wang et al.'s (2015) research indicates that the locations a target visits on the internet can increase the likelihood the target becomes victimized. Similar to Wang et al.'s (2015) that suggests the onus of responsibility is on the users (see Cross (2013)) for support of this contention), William's (2016) research suggests users are defrauded when the individual avoids personal guardianship (i.e., virus protection). Therefore, increasing and incorporating internet-dependent and mediated activity, such as an individual's daily online activity on e-commerce websites, may increase a user's contact with fraudulent activity such as cybercriminals and lack of guardianship (i.e., virus protection) (Cohen & Felson, 1979).
Although RAT has assisted in explaining the increasing prevalence of cybercrime (Pratt et al., 2010; Williams, 2016), it does not thoroughly account for all the additional technological users, like the website administrators overseeing online employment databases, in the commission of online fraud. Additionally, it does not thoroughly account for fraudsters' direct interactions with victims. The socially learning theory can fulfill this void by explaining the influence of all actors involved on fraudsters' SE operations.
Criminals, like fraudsters, socially learn criminality through definitions and imitation (Conradt, 2012; Lichter & McCloskey, 2004; Skinner & Fream, 1997). By way of illustration, Lichter & McCloskey's (2004) research suggests individuals will define criminality and can be persuaded into a crime based on the attitudes of others (i.e., parents or media exposure) around them. Specific to the online environment, criminality can be learned or imitated when users visit deviant online forums (Skinner & Fream, 1997). An example of this can be observed in Skinner and Fream's (1997) research suggesting that non-offending technical users, who were encouraged by educational instructors to visit deviant online forums, imitated the criminals they observed and engaged in online criminality (Skinner & Fream, 1997). Similar to users' imitation of others on deviant online forums, criminals imitate legitimate individuals, companies, and governments to conduct online fraud, which can be observed through their fraudulent characteristics (i.e., linguistic cues) and tactics (i.e., phishing attacks).
Specific to employment fraud, offenders will imitate legitimate individuals, companies, and governments' linguistic cues and tactics to deploy their fraudulent scams. For example, an offender may use a governments' logo during a phishing email to establish creditability with their target. An offender may pretend to be an employer seeking employees to steal targets' identities to further their monetary gains (Kigerl, 2018). Therefore, a target's lifestyle may influence how an offender pre-texts the fake employment scenario (Dillahunt et al., 2016).
The above research suggests social learning influences online fraudsters' SE attacks. Therefore, it is crucial to explore how criminals imitate and consequently modify their behaviors to victimize unsuspecting users who have featured themselves on employment databases.
Theoretical Framework
Social Learning Theory
Akers (2009) contends criminality is learned through interactions and situations in social learning theory (Akers & Sellers, 2004). Akers's (2009) theoretical framework expands on Sutherland's (1947) nine propositions in differential association theory outlines the processes individuals learn and engage in crime. Akers (2009) applied Sutherland's (1947) differential association and definitions to social learning theory to explain criminality more thoroughly. Specifically, Akers (1998) argues that the more individuals are exposed to crime, the more likely they are to engage in crime than individuals who are not exposed to criminality.
Akers (1998) expounds upon social learning theory in four elements: differential association, definitions, differential reinforcement, and imitation. Differential association is the learning process where criminals and non-criminals learn what crime is through interactions with others. Criminals' and non-criminals' associations often vary between priority, frequency, duration, and intensity within relationships (Shadmanfaat et al., 2020). Criminal associations occur early in one's life (i.e., priority), often are more frequent (i.e., frequency), last longer (i.e., duration) than other relationships, and typically attach (i.e., intensity) individuals to their perceptions of criminality (Shadmanfaat et ah, 2020).
According to Akers (1998); Akers (2009), definitions are the meanings and attitudes an individual assigns to specific behaviors such as criminality. By way of illustration, Miller and Morris's (2016) exploration of meanings and attitudes on peer influence and deviance in the physical and digital environments suggests an association between deviant peers and interactions. Specifically, there was a positive association between students who engaged in deviancy online and those who had relationships with deviant online peers. Similarly, Shadmanfaat et ah (2020) findings indicate an online actors' differential associations directly affect their cyberbullying perceptions, including their willingness to cyberbully others via differential reinforcement, definitions, and imitation.
Differential reinforcement is an individual's values and attitudes to the anticipated cost and rewards for behaviors. Based on this assumption, it can be hypothesized crime increases when an individual is rewarded for deviant behaviors with approvals, such as social approval from politicians who also engage in online deviance. This is evident in the case of Bernatzky et ah's (2022) research that suggests online users who approved of President Trump's negative online interactions were more likely to create and distribute hateful content online. Similarly, Skinner and Fream (1997) suggest differential association and reinforcement are positively corrected with criminal behavior online, such as software piracy and password guessing.
Lastly, imitation is when individuals observe a particular behavior or norm others participate in and copy those actions. An example of cyber imitation can be observed in Hutchings and Clayton's (2016) findings that indicate cybercriminals who operate cybercrime websites offer other criminals instructions on how to conduct their operations. Therefore, based upon Akers's (2009) assertations presented in social learning theory, individual associations, definitions, differential reinforcement, and imitation should affect how criminals deploy online fraud attacks (Shadmanfaat et ah, 2020).
Social Learning Theory in Application
There is a notable paucity of empirical research investigating Akers's (2009) social learning theory to explore and examine online deviance and criminality (Conradt, 2012; Higgins, Fell, & Wilson, 2007; Kroher & Wolbring, 2015; Luca & Zervas, 2016; Ogunleye, Ojedokun, & Aderinto, 2019). Specific to Akers's (2009) elements of attitudes and meaning associated with dishonesty (i.e., deviance), Kroher and Wolbrign's (2015) research indicates students with dishonest attitudes and meanings
are only temporarily influenced by non-deviant peers, especially if deviancy produces positive external outcomes. In alignment with online deviance, as it pertains to dishonesty, Luca and Zervas' (2016) findings suggest business owners will leave fraudulent reviews favorable to their businesses on Yelp to increase their online visibility in hopes of increasing revenue via visits to their restaurants.
Specific to criminality, Higgins et al. (2007) identify the influence of low selfcontrol, peer influence, and piracy among college students. Specifically, Higgins et al. (2007) research suggests a positive correlation between students who contained low self-control and positive attitudes towards online piracy. The association among students was stronger if the student maintained peer relationships with others who had positive attitudes toward online piracy (Higgins et al., 2007).
Social learning theory has been directly and indirectly applied to the SE tactics of online fraudsters' motivations and imitations (Conradt, 2012; Ogunleye et al., 2019). Specifically, Ogunleye et al. (2019) identified fraudsters' pathways (i.e., motivations) and imitations. Ogunleye et al. (2019) research suggests offenders are primarily motivated to defraud targets for financial gain but have different pathways of criminal engagement with online fraud. For instance, online fraudsters attributed their pathway into online fraud to peer influences. Specifically, the majority of these fraudsters identified their male significant other as their primary peer influence.
Additionally, fraudsters reported modeling their fraudulent social media accounts from legitimate accounts to deploy their SE romance scams (Ogunleye et al., 2019). Similarly, Conradt's (2012) research examining online auction fraudsters suggests that an online fraud attack's success depends on whether offenders can learn how to exploit weaknesses within the digital environment (i.e., online environment) to defraud targets. Conradt (2012) highlights how offenders' behaviors will be socially reinforced if they can exploit the environment and receive a high dollar reward (Conradt, 2012). Therefore, offenders' definitions (i.e., attitudes) towards online fraud are positive if they readily participate in such criminality by deploying SE tactics, including intimation of others, to exploit the online environment (Conradt, 2012; Maimon & Louderback, 2019).
As previously stated, offenders pre-text the social and situational environment in which their fraudulent schemes are deployed. Psychological research suggests "get rich fast schemes" employment opportunities are attractive to employment seekers and often rely on victims' ignorance and/or self-control with fraudsters who commonly exploit (via pre-texting) these targets lack of education (Canter, 2009; Prinz, 2013). An example of this is how victims with low self-control are more likely to be less financially stable and fall victim to financial scams due to their willingness to take financial risks (Trahan, Marquart, & Mullings, 2005). Additionally, Dillahunt et al. (2016) found a higher risk of victimization among job seekers with limited technical knowledge and lower socioeconomic status due to a lack of technological education. Based upon this, offenders may imitate the structural and demographic (i.e., social, educational, and financial situation) constraints of a target seeking employment (Dillahunt et al., 2016; Trahan et al., 2005).
The Current Study
Research suggests imitation is critical to the characteristics and tactics of fraudsters' online attacks. For instance, Conradt (2012) attributes an online fraudster's socially learned criminal behavior to "imitation initially, and then reinforcement of the behavior by those individuals" (p. 917). Although Conradt's (2012) application of social learning theory initially analyzed online auction fraud, research has empirically supported this contention (Akers, 1998; Dillahunt et al., 2016; McQuade, 2006). The current research extends Conradt's (2012) work to assess the influence of socially learned imitation and reinforcement by deploying an online employment fraud study to examine the effect of victim selection on offenders' SE characteristics (i.e., linguistic cues) and tactics (i.e., phishing attacks). More specifically, the following question is addressed in a mixed-methods analysis of online fraudsters: To what extent do fraudsters imitate legitimate employers/employment opportunities with SE attacks to defraud specific targets via internet-based employment databases? Specifically, do fraudsters' SE attacks, such as linguistic cues and tactics, differ depending on a user's online resume presentation on employment database websites?
Methodology
Procedure
Research indicates geographic locations play an important role in determining a target's attractiveness (Kshetri, 2010). Specifically, Kshetri's (2010) findings indicate internet users displaying lower SES online are less appealing to offenders to target. Therefore, the researcher received approval from Georgia State University's Internal Review Board (IRB) to conduct the following study on Monster and Indeed with eight fictional resume profiles. The current research is exploratory via the researcher creation of eight employment resume profiles by observing other similar resume profiles on Monster and Indeed. The researcher divided the eight resume profiles by sex, education level, employment position, socioeconomic status, and location. The researcher evenly divided the eight resume profiles by gender; therefore, males were featured in four resume profiles, and females were featured in the other four. The researcher assigned the sex of the resume profiles by using commonly associated names with individuals identifying as male and female. An example of this is how a commonly associated name with individuals identifying as female is Samantha.
Research suggests job seekers of lower socioeconomic status in major metropolitan areas, specifically Detroit, have a limited understanding of technology and the importance of securing their digital data (i.e., thumb drives) (Dillahunt et al., 2016). Additionally, research indicates females are more likely than men to mitigate fraud, specifically securities fraud, within the workplace (Cumming, Leung, & Rui, 2015). Therefore, this study aims to explore the extent to which fraudsters' SE attacks, such as linguistic cues of politeness and urgency, and tactics (e.g., phishing attacks) differ depending on a user's online resume presentation on employment database websites.
Consequently, the researcher constructed eight distinct resume profiles to account for the different types of victims a fraudster may target. The four male and female resume profiles were divided by the four featured education levels, employment types, socioeconomic statuses, and locations. The four featured education levels were (1) GED, (2) high school diploma, (3) an associate degree with a certificate in paralegal studies, and (4) a four-year bachelor's in science degree in computer science. The four featured employment positions were (1) a child development specialist/nanny, (2) a teacher's aide, (3) a legal assistant/paralegal, and (4) a computer software engineer. The four featured socioeconomic statuses were resumes applying for employment opportunities offering approximately (1) $20,000/year, (2) $40,000/year, (3) $55,000/year, and (4) $80,000/year. The four featured locations were Chicago, Illinois, Atlanta, Georgia, Los Angeles, California, and New York, New York. Each resume profile stated "willing to relocate" to minimize selection bias.
The researcher systematically collected the data by contacting potential employment opportunities at an evenly distributed rate across time to minimize potential biases within the data collection process. Specifically, the researcher used common names for employment positions, like "nanny," "babysitter," "legal aid," and "computer software engineer" to apply for the employment opportunities respective to the featured resume profiles twice a week (i.e., Monday and Wednesday) for twelve weeks.2 Each resume profile was used to apply for the top five newest employment opportunities listed on Monster and Indeed most applicable to the education level, employment position, and salary (i.e., socioeconomic status) listed on the resume profiles. Therefore, a male and female resume profile applied for the same employment opportunities. Additionally, potential employers/employment opportunities the researcher did not apply to were allowed to contact the resume profiles. Therefore, there was an uneven number of employment opportunities each resume applied to.
Each profile resume was associated with unique employment database emails on Monster and Indeed, Gmail email accounts, and cell phone numbers. Each of these communication mediums was enabled to correspond with potential employers. The unique email exchanges, inboxes, cell phone numbers, and databases were periodically checked, and the researcher corresponded with potential employers through these communication mediums. All the data, such as the emails and SMS text correspondences between the featured employment opportunity and resume profiles, were documented, including but not limited to the online advertisement listed on Monster and Indeed applied to by each resume profile.
The current study uses a mixed methods analysis to quantify the qualitative data extracted from fraudsters who pretend to be legitimate employers/employment opportunities online. The researcher analyzed the sequence of an online fraud event using a "manifest content analysis" approach (Leech & Onwuegbuzie, 2008; Zhu et al., 2014). A manifest content analysis" is an analytical technique where the frequency of a specific data point, like the count of a specific word, is documented and analyzed (Leech & Onwuegbuzie, 2008). Zhu et al.'s (2014) hierarchical sequence of an online fraud event analysis provides a framework consistent with the operationalization of a manifest content analysis approach involving fraudulent interactions (i.e., events), including fraudsters' written texts and cues. Therefore, the researcher documented each fraudulent instance, including each resume profile a fraudster deployed an attack on by the (1) unique resume profiles' featured (1) gender, (2) education level, (3) employment position, (4) socioeconomic status (i.e., salary), and (5) location. Additionally, each fraudulent instance, including fraudsters, was documented by (1) type of fraudulent attack and (2) linguistic cues (i.e., politeness and urgency cues) used in the fraud attack.
Research indicates that online deception is determined by verbal and non-verbal written text and cues (Atkins & Huang, 2013; Pellón & Anesa, 2020; Zhou, Burgoon, & Twitchell, 2003). Based on this prior research, the unstructured qualitative data in this study was used identity fraudsters' linguistic cues (i.e., politeness and urgency cues).3 Although linguistic cues cannot be explicitly defined because of linguistical "gists" (see Luangrath, Peck, and Barger (2017) and Sidi, Glikson, and Cheshin (2021)), I categized politeness cues similar to Atkins and Huang (2013) with the words and phrases such as "please, and "kindly, and "thank you."4 For example, in the current dataset, a fraudster stated, "Kindly click the link below for more information..." A visual example can be observed in Image 1.
Similarly, I categized urgency cues akin to Atkins and Huang (2013) with words and phrases like "ASAP," "urgent/ly," and "now." A specific example of an offender's urgency cue in this data set was when a fraudster stated, "...please respond with your personal email address now." A visual example can be observed in Image 2.
Sample
The purpose of this study is to explore how fraudsters imitate the structural and demographic (i.e., social, educational, and financial situation) constraints of a target seeking employment on employment databases (Conradt, 2012; Dillahunt et al., 2016; Trahan et al., 2005). Therefore, the researcher created the unit of analysis in this study: fraud instance (N=40) and unique fraudster (N=32). The researcher assigned each unique fraudster a distinct number to account for each unique fraudster. Consequently, a fraudulent attack may include several fraud instances, and a fraudster may be associated with several different fraudulent instances
Dependent measures
Previous research has attributed offenders (i.e., fraudsters) interactions with victims through "crime scripts" (Lavorgna, 2014). A "crime script" details offenders' criminal engagement, which has helped researchers explore criminality, including the victims of particular crimes (Lavorgna, 2014). However, "crime scripts" can be so rigid and cause researchers to not thoroughly account for offenders SE tactics, including their targets' demographics (i.e., social, educational, and financial situation) and the types of characteristics and tactics used to defraud targets on online employment databases (Conradt, 2012; Dillahunt et al., 2016; Trahan et al., 2005). Additionally, fraudsters could deploy an online employment database scam in one or more of the modes of imitation because offenders and victims of online fraud are human beings, not machines, and consequently often vary their behaviors and actions (Gilmour, 2014; Lavorgna, 2014; Leclerc, 2013; Zhu et al., 2014). Therefore, research related to crime scripts is furthered through the exploration of additional factors that could influence fraudsters' SE attacks by creating the following dependent variables to account for fraudsters' various tactics and characteristics.
The researcher created the following contextual and structural variables, phishing/smishing attacks, sensitive information attack, received check, and fraudster asked victim to move digital platforms, to account for fraudsters' modes of attack, imitating legitimate employers during an employment database fraud attack. An example of this is how legitimate employers may follow up with a job candidate via a website hyperlink containing assessments for additional information from the prospective employee.
The variables, phishing/smishing attacks (no phishing/smishing attack= 0; phishing/smishing attack =1), sensitive information attack (no sensitive information attack = 0; sensitive information attack = 1), received checks (no check received =1; checked received= 1), and fraudster asked victim to move digital platforms (not asked to move =0; asked to move = 1) were measured on a nominal scale.
Specific to fraudsters' linguistic characteristics, the research created the following contextual variables, urgency cues, and politeness cues, to account for fraudsters' imitation of legitimate employers via linguistic cues during an employment database fraud attack. The variables, urgency cue (no urgency cues =0; urgency cues= 1) and politeness cue (no politeness cues =0; politeness cues= 1) were measured on a nominal scale.
Key independent measures
The researcher created the following independent variables to account for the structural and demographic characteristics of resume profiles a fraudster may attempt to exploit with the variables, sex, education level, employment type, and socioeconomic status. The variables, sex, education level, employment type, and socioeconomic status, were measured on a nominal scale. Specifically, the variable, gender, was measured as male and female (male = 0; female= 1). The variable, education level, was measured on a nominal scale with (1) GED, (2) high school diploma, (3) an associate degree with a certificate in paralegal studies, and (4) a four-year bachelor in science degree in computer science. The variable, employment position, was measured on a nominal scale with (1) a child development specialist/nanny, (2) a teachers' aide, (3) a legal assistant/paralegal, and (4) a computer software engineer. Lastly, the variable, socioeconomic status, was measured on a nominal scale with (1) $20,000/year, (2) $40,000/year, (3) $55,000/year, and (4) $80,000/year.
Control variables
The researcher featured resume profiles in four distinct with the "willing to relocate" to minimize selection bias. Specifically, the researcher created the variable, location, to control for the contextual, structural, and demographic influences of a resume profile on a fraudster. Location was measured on a nominal scale with (0) Los Angeles, California, (1) Chicago, Illinois, (2) New York, New York, and (4) Atlanta, Georgia.
Analytic strategy
A mixed methods analysis was conducted to analyze the data. Specifically, a series of bivariate analyses were conducted to assess the association between the relationship between unique fraudsters' SE characteristics and tactics on their targets on employment databases. Then, another set of bivariate analyses were conducted to assess fraudulent instances' characteristics and tactics on employment databases' targets (Farrington & Loeber, 2000; Kallenberg, Oosterhoff, & Schriever, 1985). A set of chi-squared goodness of fit tests is used to assess for counts of categorical variables and allowed me to determine if a variable is likely from a specific distribution or not. In this case, the chi-squared analysis allowed me to evaluate to what extent fraudsters imitate legitimate employers/employment opportunities with SE attacks to defraud specific targets on internet-based employment databases, including if the linguistic cues and tactics differed depending on a target's resume presentation on employment database websites. While the number of observations (i .e., fraudster and fraud attempt/attack instance) is small, the low frequency does not preclude the use of chi-squared goodness of fit tests (Kallenberg et al., 1985).
Results
The summary statistics are reported in Table 1. Specifically, there were a total of 32 unique fraudsters (M= 16.17, SD= 9.80)5 who targeted the eight featured resumes with fraudulent employment opportunities (i.e., fraud instance, M=6.82, SD= 2.54).6 The most common fraudulent attack tactic deployed by fraudsters were sensitive information attacks (52.2%), followed by phishing/smishing attacks (50%), asking the victim to move digital platforms (i.e., fraudster asked victim to move digital platforms at 37.5%) and check kiting and money laundering (i.e., received check at 10%). Fraudsters' SE characteristics varied, with 32.5% and 60% of fraudsters who used urgency and politeness linguistic cues, respectively. The demographics of those targeted (e.g., profile resumes) were equally disturbed across sex (M=0.487, SD= 0.506), educational level (M=l, SD= 0.9219), employment position (M=1.780, SD= 1.2147), socioeconomic status (M=1.4878, SD= 1.247), and location (M=1.780, SD= 1.214).
Table 2 presents a series of chi-square analyses between the presence of fraudsters' SE tactics deployed during an online fraud attack. The preliminary findings suggest a relationship between fraudsters who deploy phishing/smishing attacks and sensitive information attacks and ask victims to move digital platforms. Specifically, 50% of fraudsters deployed phishing/smishing attacks on employment databases (p < 0.05), 52.50% of fraudsters victimized targets with sensitive information attacks (p < 0.05), and 37.50% of fraudsters asked victims to move digital platforms (p < 0.05).
Turning to Table 3, no statistically significant relationship between offenders' SE characteristics via urgency and politeness cues during an online fraud attack on employment databases were observed.
A series of chi-square analyses were conducted to examine the relationship between offenders' SE attacks and resume profiles' demographics in Table 4. There is a positive, statistically significant association between unique fraudsters' SE attacks and victims' SES (37.50%, $20,000; 2.5%, $40,000; 32.50%, $55,000; 27.50%, $80,000) (p < 0.0). We also observed a positive, statistically significant association between unique fraudsters and victims' level of education (37.50%, GED; 2.5%, Highschool diploma; 32.50%, associate degree; 27.50%, bachelor's degree) (p < 0.0). Lastly, there is a positive, statistically significant association between unique fraudsters and victim employment position and victims' location (27.50%, California; 2.50%, Illinois; 32.50%, New York; 37.50%, Georgia) (p < 0.0).
Table 5 illustrates the association between fraudulent instances through SE tactics and characteristics and resume profile demographics in a series of Fisher's Exact tests (Voinov, Nikulin, & Balakrishnan, 2013). In contrast to earlier findings, however, there is no statistically significant association between fraudulent instances and fraudsters' types of SE tactics. Specifically, the analyses suggest no statistically significant association between fraud attack instance and tactic (i.e., phishing/smishing attack (p=0.59), sensitive information attack (p=0.53), fraudster asked victim to move digital platforms (p=0.89) and received check (p=0.50)).
Regarding the SE characteristics present in fraud attack instances observed in Table 6, there is a statistically significant association between politeness cues (p < .05). Specifically, 60% of fraud attacks contained politeness cues. However, there is no statistically significant association between fraud instances and urgency cues deployed during an online employment fraud attack (p=0.69).
Table 7 presents a series of chi-square analyses to examine the relationship between fraud attack instances and resume profiles' demographics. There is a positive, statistically significant association between fraud attack instances and victims' SES (36.59 %, $20,000; 4.88%, $40,000; 31.71%, $55,000; 26.83%, $80,000) (p < 0.0). We also observed a positive, statistically significant association between fraud attack instances and victims' level of education (36.59 %, GED; 4.88%, Highschool diploma; 31.71%, associate degree; 26.83%, bachelor's degree) (p < 0.0). Additionally, there is an observed positive, statistically significant association between fraud attack instances and victims' gender (48.78%, female; 51.22%, male). Lastly, there is a positive, statistically significant association between fraud attack instances and victims' employment position and victims' location (27.50%, California; 2.50%, Illinois; 32.50%, New York; 37.50%, Georgia) (p < 0.0).
Limitations
Despite these promising results, the current study sample was small. Therefore, the researcher was limited in the types of analysis that could be performed. Furthermore, the limited analysis prevented the researcher come accounting for the complexity of human behavior, such as fraudsters' technological ability and thus sophistication, which prior research suggests is pivotal to understanding offenders (Samtani et al., 2017). Therefore, more research on this topic needs to be undertaken concerning the association between fraudsters and targets (and victim selection) across databases to understand fraudsters' SE characteristics and tactics more clearly and provide guardians with more information regarding offenders of online fraud. Consequently, questions related to fraudsters' SE characteristics and tactics remain.
Discussion
The purpose of the current study was to determine to what extent fraudsters imitate legitimate employers and employment opportunities with SE attacks to defraud specific targets on internet-based employment databases. Specifically, the study examined the difference between fraudsters' deployed SE attacks, such as their linguistic cues and tactics, depending on a user's online resume presentation on employment database websites due to the increasing prevalence of fraud on employment databases impacting a growing number of unsuspecting targets and victims (Internet Crime Complaint Center, 2021). The findings emphasize the influence of victims' characteristics and demographics have on fraudsters' SE imitations of legitimate employers, as suggested in prior research (Conradt, 2012).
First, unique fraudsters' SE characteristics do not play as important of a role in defrauding targets in employment databases as fraudsters' SE tactics. Specifically, only when examining fraud instances as a whole are SE characteristics are linguistic cues of politeness significant. For example, 60% of fraud instances contained politeness cues to resume profiles (p < 0.05). These findings could suggest fraudsters' SE characteristics, such as linguistic cues of politeness, urgency, delay, romance, and formality, to name a few, may depend on the type of scam deployed (Atkins & Huang, 2013; Cross & Holt, 2021; Pellón & Anesa, 2020). Furthermore, it is possible the situational environment, specifically fraudsters' use of employment databases to defraud targets, influenced how and why they deployed particular SE characteristics (via linguistic cues). In comparison, Atkins and Huang's (2013) research explored fraudsters' SE characteristics within phishing and advance-fee email scams associated with financial institutions, suggesting that 71% and 70% of fraudsters deploy urgency in phishing and advance-fee emails, respectively.
Secondly, SE tactics are only statistically significant among unique fraudsters, not instances. Specifically, 50% of fraudsters deployed SE phishing/smishing attacks on the resume profiles (p < 0.05), 53% of fraudsters deployed SE sensitive information attacks on the resume profiles (p < 0.05), and 38% of fraudsters asked the resume profiles to move digital platforms (p < 0.05). These findings raise important theoretical issues regarding fraudsters' imitation of the legitimate employer(s). For instance, 50% of hyperlinks sent to resume profiles were not embedded with malicious software (e.g., phishing/smishing attacks) (p < 0.05). Similarly, 48% of legitimate employers inquired about resume profiles for sensitive information (p < 0.05). It is critical to highlight that approximately half of the unique fraudsters pretext a fake employment scenario to influence the resume profile into divulging personal and sensitive information via clicking on a malicious hyperlink and/or typing in sensitive information on a form or email (Dillahunt et al., 2016). Taken together, the similarity between legitimate employers and fraudsters who SE phishing/smishing and sensitive information attacks to targets demonstrate how fraudsters imitate legitimate employers to conduct their fraudulent attacks (Akers, 1998; Conradt, 2012).
The relationship between legitimate and legitimate employment scenarios may appear causal, but the scope of unique fraudsters' SE attacks also depends upon an offender's technological ability and, thus, sophistication (Samtani et al., 2017). SE phishing/smishing and sensitive information fraud instances, for example, are not statistically significant, perhaps because the type of attack depends on unique fraudsters' technological competence, which can be observed through the statistically significant analysis between unique fraudsters' SE tactics and resume profiles above. Nevertheless, this finding emphasizes the association between fraudsters' imitation of legitimate employers to continue contact with potential employees through their SE tactics (i.e., phishing/smishing links) regardless of their technological skill.
Another significant finding to emerge from this study is that the majority of demographics of a featured resume profile were significant among both fraudsters and instances of fraud, which emphasizes the importance that unique targets (i.e., victims) have on offenders. For example, resume profiles presenting lower SES and years of completed education were more likely to be targeted by fraudsters in fraudulent instances. Specifically, fraudsters targeted resume profiles presenting a SES of approximately $20,000 or less more frequently than resume profiles presenting other SES (e.g., 37.50%, $20,000; 2.5%, $40,000; 32.50%, $55,000; 27.50%, $80,000) (p < 0.0). Similarly, resume profiles presenting a SES of approximately $20,000 or less were more frequently targeted with fraudulent employment opportunities than resume profiles presenting other SES 36.59 %, $20,000; 4.88%, $40,000; 31.71%, $55,000; 26.83%, $80,000) (p < 0.0). Additionally, fraudsters targeted resume profiles presenting fewer years of completed education more frequently than individuals with higher levels of education (36.59 %, GED; 4.88%, Highschool diploma; 31.71%, associate degree; 26.83%, bachelor's degree) (p < 0.0). Likewise, resume profiles presenting completion of a GED were more frequently targeted with fraudulent employment opportunities compared to resume profiles presenting higher levels of education (36.59 %, GED; 4.88%, Highschool diploma; 31.71%, associate degree; 26.83%, bachelor's degree) (p < 0.0). The scope of demographics analyzed within this employment scam suggests fraudsters may intentionally target users whose lifestyles do not necessarily require interaction with technology (i.e., job duties via employment position). An example of this is how babysitters were targeted by fraudsters (38%, p < 0.0) and within fraud instances (37%, p < 0.0) at a higher percentage compared to their counterparts (e.g., teachers, paralegals, and computer scientists). Based upon Ogunleye et al. (2019) findings and in alignment with these results, fraudsters maybe motivated to target specific resume profiles based on their assumed education of online fraud (via interaction with technology based on profession) (Akers, 2009; Conradt, 2012).
First, the findings in this study suggest fraudsters socially learn and adapt to their online environment by imitating legitimate employers and featured employment opportunities (e.g., sending hyperlinks and inquiring for sensitive information) online to conduct online employment scams. Second, these findings highlight that fraudsters' SE tactics depend on a user's online resume presentation on employment database websites (i.e., resume profiles presenting babysitter positions were more frequently targeted by fraudsters and fraudulent opportunities). Consequently, Akers's (2009) assertations presented in social learning theory, specifically offenders' motivations and imitations, assist in explaining online employment database fraud. Furthermore, these results provide further support for the influence human characteristics and thus behavior has on fraudsters' SE characteristics and tactics (Lavorgna, 2014).
The current study highlights the importance of guardians' (i.e., researchers, law enforcement agencies, and website hosts) oversight, interactions, and education to all users. Specifically, guardians should educate all users on how to identify fraudulent individuals and opportunities by searching open search data for the information presented to targets online. Guardians should also inform users of who to contact if they fall victim to a scam to pursue and combat the offender from victimizing other users; this includes website hosts reviewing and removing suspected fraudulent users and opportunities in a more timely manner.
Nevertheless, these findings raise important theoretical issues that have a bearing on fraudsters' interactions on employment databases online. Further theoretical development is needed to more clearly articulate how fraudsters interact across databases, like romance websites, to observe if and how fraudsters' motivations and imitations differ depending on the scenario. To that end, future research should be conducted across databases to examine fraudsters' motivations and imitations of legitimate users.
Conclusion
The principal theoretical implication of this study is that fraudsters use SE characteristics and tactics to imitate legitimate employers and employment opportunities (Conradt, 2012). Specifically, fraudsters conduct online employment scams by imitating legitimate employers and employment opportunities featured online (via sent hyperlinks and inquiring for sensitive information). Additionally, the preliminary analysis suggests fraudsters' SE tactics depend on a user's online presentation (i.e., resume profiles presenting babysitter positions were more frequently targeted by fraudsters and fraudulent opportunities). However, the evidence from this study suggests that fraudsters' imitations of legitimate employers and employment opportunities vary, which could be attributed to their technological ability. Additionally, although this study focuses on fraudsters' SE characteristics and tactics to imitate legitimate employers and employment opportunities, the findings may have a bearing on the importance of target selection. Nevertheless, this student contributes to understanding fraudsters' imitation of legitimate actors online for researchers, practitioners, and targets and provides a framework for future research and policy.
1 Georgia State University, USA. Email: [email protected]
2Please note the top five of the featured employment opportunities for each of the eight resumes on one database (i.e., Monster) for two weeks during this study could not be applied for because the database was not accessible to the researcher.
3 See Appendix A. Politeness and Urgency and Delay Linguistic Cues Categized for additional words and phrases that assisted in the construction of my linguistic persuasion cues of politeness and urgency.
4 Atkins and Huang's (2013) research on fraudulent linguistic cues of persuasion with online communications was defined with prior research from (1971), Huang and Brockman (2011), and Ross (2009).
5 Distinct offender(s) that attempted to defraud the featured resume profiles. The researcher classified individual offenders by presentation, such as unique emails, physical addresses, and webpage associated with an employer (i.e., potential fraudsters).
6 One fraud instance could have contained two types of fraudulent attacks (i.e., phishing attack and sensitive information attack).
References
Akers, R. L. (1998). Social Structure and Social Learning. Los Angeles: Roxbury.
Akers, R. L. (2009). Social learning and social structure: A general theory of crime and deviance. New Brunswick, NJ: Transaction Publishers. https://doi.org/10.4324/9781315129587
Akers, R L, & Sellers, C. (2004). Criminological Theories: Introduction, Evaluation, and Application (4th ed). Los Angeles: Roxburv Publishing. https://global.oup.com/ushe/product/9780190935252
Alkhalil, Z., Hewage, C., Nawaf, L., & Khan, I. (2021). Phishing attacks: A recent comprehensive study and a new anatomy. Frontiers in Computer Science, 3, 563060. https://doi.org/10.3389/fcomp.2021.563060
Atkins, B., & Huang, W. (2013). A study of social engineering in online frauds. Open Journal of Social Sciences, 1(03), 23-32. https://doi.org/10.4236/jss.2013.1300
Bernatzky, C., Costello, M., & Hawdon, J. (2022). Who produces online hate?: An examination of the effects of self-control, social structure, & social learning. American Journal of Criminal Justice, 47(3), 421-440. https://doi.org/10.1007/sl2103-020-09597-3
Canter, D. Y., D. (2009). Investigative Psychology: Offender Profiling and the Analysis of Criminal Action. United Kingdom: John Wiley & Sons Ltd. https://eprints.hud.ac.uk/id/eprint/7798
Capaldi, N. (1971). The art of deception. New York: Donald W. Brown Inc.
Carnegie Mellon University. (2020). Information Security Office: Computing Services. Carnegie Mellon University. https://www.cmu.edu/iso/news/2020/pretexting.html
Chiluwa, I. M., & Anurudu, S. (2020). Expressing (Un) certainty through Modal Verbs in Advance Fee Fraud Emails. Covenant Journal of Language Studies, 8(1), 17-34. https://journals.covenantuniversity.edu.ng/index.php/cjls/article/view/2032
Choi, K.-S. (2008). Computer Crime Victimization and Integrated Theory: An Empirical Assessment. International Journal of Cyber Criminology, 2(1), 308-333. https://www.cybercrimejournal.com/pdf/tinaijccjan2008.pdf
Cohen, L. E., & Felson, M. (1979). Social Change and Crime Rate Trends: A Routine Activity Approach. American Sociological Review, 44(4), 588-608. https://doi.org/10.2307/2094589
Conradt, C. (2012). Online Auction Fraud and Criminological Theories: The Adrian Ghighina Case. International Journal of Cyber Criminology, 6(1), 912-923. https: //www.cvbercrimeiournal.com/pdf/christine2012ianiicc.pdf
Corcoran, J., Zahnow, R., & Higgs, G. (2016). Using routine activity theory to inform a conceptual understanding of the geography of fire events. Geoforum, 75,180-185. https://doi.org/10.1016/i.geoforum.2016.07.015
Cross, C. (2013). 'Nobody's holding a gun to your head...': Examining current discourses surrounding victims of online fraud. In K. Richards & J. Tauri (Eds.), Crime, Justice and Social Democracy: Proceedings of the 2nd International Conference (pp. 25-32). Crime and Justice Research Centre, Queensland University of Technology. http://eprints.qut.edu.au/61011
Cross, C. (2015). No laughing matter: Blaming the victim of online fraud. International Review of Victimology, 21 (2), 187-204. https://doi.org/10.1177/0269758015571471
Cross, C., Dragiewicz, M., & Richards, K. (2018). Understanding romance fraud: Insights from domestic violence research. The British Journal of Criminology, 58(6), 1303-1322. https://doi.org/10.1093/bic/azv005
Cross, C., & Holt, T. J. (2021). The use of military profiles in romance fraud schemes. Victims & Offenders, 16(3), 385-406. https://doi.org/10.1080/15564886.2020.1850582
Cross, C., & Kelly, M. (2016). The problem of "white noise": examining current prevention approaches to online fraud. Journal of Financial Crime, 23(4), 806-818. https://doi.org/10.1108/lFC-12-2015-0069
Cuddy, A.)., Glick, P., & Beninger, A. (2011). The dynamics of warmth and competence judgments, and their outcomes in organizations. Research in organizational behavior, 31, 73-98. https://doi.org/10.1016/i.riob.2011.10.004
Cumming, D., Leung, T. Y., & Rui, 0. (2015). Gender diversity and securities fraud. Academy of management Journal, 58(5), 1572-1593. https://doi.org/10.5465/ami.2013.0750
Dillahunt, T. R., Bose, N., Diwan, S., & Chen-Phang, A. (2016). Designing for disadvantaged job seekers: Insights from early investigations. In Proceedings of the 2016 ACM Conference on Designing Interactive Systems (pp. 905-910). ACM Digital Library. https://doi.org/10.1145/2901790.2901865
Edwards, M., Peersman, C., & Rashid, A. (2017). Scamming the scammers: towards automatic detection of persuasion in advance fee frauds. In Proceedings of the 26th International Conference on World Wide Web Companion (pp. 1291-1299). ACM Digital Library. httos://doi.org/10.1145/3041021.3053889
Farrington, D. P., & Loeber, R. (2000). Epidemiology of juvenile violence. Child and adolescent psychiatric clinics of North America, 9(4), 733-748. https://doi.org/10.1016/S 1056-4993 f 18130089-0
FBI. (n.d.). Common Scams and Crimes. https://www.fbi.gov/how-we-can-helpvou/safety-resources/scams-and-safety/common-scams-and-crimes
Feuerherd, В., & Fitz-Gibbon, J. (2022). 'Real Housewives' star Jen Shah pleads guilty in fraud case: 7 knew this was wrong'. NYP Holdings, Inc. https://nyposLcom/2022/07/ll/real-housewives-jen-shah-pleads-guilty-in-fraud-case/
Gilmour, N. (2014). Understanding money laundering. A crime script approach. The European Review of Organised Crime, 1(2), 35-56. https://standinggroups.ecpr.eu/sgoc/wpcontent/uploads/sites/51/2020/01/gilmour.pdf
Hadnagy, C. (2010). Social Engineering: The Art of Human Hacking. John Wiley & Sons. https://theswissbav.ch/pdf/Books/Computer%20science/socialengineering the scienceofhumanhacking 2ndedition.pdf
Hadnagy, C. (2018). Social Engineering: The Science of Human Hacking. John Wiley & Sons. Inc, https://doi.org/10.1002/9781119433729
Hadnagy, C. (2019). Social Engineering: The Science of Human Hacking. Indianapolis, IN: Wiley.
Hadnagy, C., & Schulman, S. (2021). Human Hacking: Win Friends, Influence People, and Leave Them Better Off for Having Met You. HarperCollins Publishers. https://www.harpercollins.com/products/human-hacking-christopher-hadnagysethschulman
Hatfield, J. M. (2018). Social engineering in cybersecurity: The evolution of a concept. Computers & Security, 73, 102-113. https://doi.org/10.1016/i.cose.2017.10.008
Henson, B., Reyns, B. W., & Fisher, B. S. (2011). Security in the 21st century: Examining the link between online social network activity, privacy, and interpersonal victimization. Criminal Justice Review, 36(3), 253-268. https://doi.org/10.1177/0734016811399421
Higgins, G. E., Fell, B. D., & Wilson, A. L. (2007). Low self-control and social learning in understanding students' intentions to pirate movies in the United States. Social Science Computer Review, 25(3), 339-357. https://doi.org/10.1177/0894439307299934
Holt, T. J. (2003). Examining a transnational problem: An analysis of computer crime victimization in eight countries from 1999 to 2001. International Journal of Comparative and Applied CriminalJustice, 27(2), 199-220. https://doi.org/10.1080/01924036.2003.9678709
Holt, T. J., Lee, J. R., Freilich, J. D., Chermak, S. M., Bauer, J. M., Shillair, R., & Ross, A. (2020). An exploratory analysis of the characteristics of ideologically motivated cyberattacks. Terrorism and Political Violence, 1-16. https://doi.org/10.1080/09546553.2020.1777987
Huang, J., Stringhini, G., & Yong, P. (2015). Quit playing games with my heart: Understanding online dating scams. In International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment (pp. 216-236). Springer. https://doi.org/10.1007/9 78-3-319-205 50-2 12
Huang, W., & Brockman, A. (2011). Social engineering exploitations in online communications: Examining persuasions used in fraudulent e-mails. In Crime online: Correlates, causes, and context (pp. 87-111). Durham, NC: Carolina Academic Press, https://cap-press.com/books/isbn/9781531020477
Hutchings, A., & Clayton, R. (2016). Exploring the provision of online booter services. Deviant Behavior, 37(10), 1163-1178. https://doi.org/10.1080/01639625.2016.1169829
Internet Crime Complaint Center. (2021). Internet Crime Report 2020. Internet Crime Complaint Center, https://www.ic3.gov/Media/PDF/AnnualReport/2020 IC3Report.pdf
Junger, M., Montoya, L, Hartei, P., & Heydari, M. (2017). Towards the normalization of cybercrime victimization: A routine activities analysis of cybercrime in europe. In 2017 international conference on cyber situational awareness, data analytics and assessment (cyberSA] (pp. 1-8). IEEE.https://doi.org/10.1109/CvberSA.2017.8073391
Kallenberg, W. C. M., Oosterhoff, J., & Schriever, B. F. (1985). The number of classes in chi-squared goodness-of-fit tests. Journal of the American Statistical Association, 80(392), 959-968. https://doi.org/10.2307/2288561
Kigerl, A. (2018). Profiling cybercriminals: Topic model clustering of carding forum member comment histories. Social Science Computer Review, 36(5), 591-609. https://doi.org/10.1177/0894439317730296
Krasauskas, R., & Mačernytė-Panomariovienė, I. (2021). Internal Migration of Workers in the European Union: Legal Aspects of Lithuania's Experience in Transposing the Posting of Workers Directive. Baltic Journal of Law & Politics, 14(1), 153-180. https://doi.org/10.2478/bilu-2021-0007
Kroher, M., & Wolbring, T. (2015). Social control, social learning, and cheating: Evidence from lab and online experiments on dishonesty. Social Science Research, 53, 311-324. https://doi.org/10.1016/i.ssresearch.2015.06.003
Kshetri, N. (2010). Diffusion and effects of cyber-crime in developing economies. Third World Quarterly, 31(7), 1057-1079. https://doi.org/10.1080/01436597.2010.518752
Lavorgna, A. (2014). Internet-mediated drug trafficking: towards a better understanding of new criminal dynamics. Trends in organized crime, 17(4), 250270. https://doi.org/lO.l007/s 12117-014-9226-8
Leclerc, В. (2013). New developments in script analysis for situational crime prevention. Cognition and crime: Offender decision making and script analyses, 221236. http://hdl.handle.net/10072/61711
Lee, N. M. (2018). Fake news, phishing, and fraud: a call for research on digital media literacy education beyond the classroom. Communication Education, 67(4), 460466. https://doi.org/10.1080/03634523.2018.1503313
Leech, N. L, & Onwuegbuzie, A. J. (2008). Qualitative Data Analysis: A Compendium of Techniques and a Framework for Selection for School Psychology Research and Beyond. School Psychology Quarterly, 23(4), 587-604. https://doi.org/10.1037/1045-3830.23.4.587
Leukfeldt, R., & Holt, T. (2020). The Human Factor of Cybercrime. Routledge. https://www.routledge.com/The-Human-Factor-of-Cvbercrime/LeukfeldtHolt/p/book/9781032087191
Lichter, E. L, & McCloskey, L. A. (2004). The effects of childhood exposure to marital violence on adolescent gender-role beliefs and dating violence. Psychology of Women Quarterly, 28(4), 344-357. https://doi.org/10.1111/i.l471-6402.2004.00151.x
Luangrath, A. W., Peck, J., & Barger, V. A. (2017). Textual paralanguage and its implications for marketing communications. Journal of Consumer Psychology, 27Í11. 98-107. https://doi.org/10.1016/i.icps.2016.05.002
Luca, M., & Zervas, G. (2016). Fake it till you make it: Reputation, competition, and Yelp review fraud .Management Science, 62(12), 3412-3427. https://doi.org/10.1287/mnsc.2015.2304
Maimon, D., Howell, C. J., & Burruss, G. W. (2021). Restrictive deterrence and the scope of hackers' reoffending: Findings from two randomized field trials. Computers in Human Behavior, 125,106943. https://doi.org/10.1016/i.chb.2021.106943
Maimon, D., & Louderback, E. R. (2019). Cyber-dependent crimes: An interdisciplinary review. Annual Review of Criminology, 2(1), 191-216. https://doi.org/10.1146/annurev-criminol-032317-092057
Maimon, D., Santos, M., & Park, Y. (2019). Online deception and situations conducive to the progression of non-payment fraud. Journal of Crime and Justice, 42(5), 516535. https://doi.org/10.1080/0735648X.2019.1691857
McQuade, S. C. (2006). Understanding and managing cybercrime. Pearson/Allyn and Bacon Boston. https://wwwoip.gov/ncirs/virtual-librarv/abstracts/understanding-and-managing-cvbercrime
Merriam-Webster. (2019). fraud. In Merriam-Webster's online dictionary. MerriamWebster, Incorporated, https: //www.merriam-webster.com/dictionary/fraud
Messner, S. F., & Tardiff, K. (1985). The social ecology of urban homicide: An application of the "routine activities" approach. Criminology, 23(2), 241-267. https://doi.org/10.llll/i. 1745-912 5.1985.tb0033 6.x
Miller, B., & Morris, R. G. (2016). Virtual peer effects in social learning theory. Crime & Delinquency, 62(12), 1543-1569. https://doi.org/10.1177/0011128714526499
Mustaine, E. E., & Tewksbury, R. (1998). Predicting risks of larceny theft victimization: A routine activity analysis using refined lifestyle measures. Criminology, 36(4), 829-858. https://doi.org/10.llll/i.!745-9125.1998.tb01267.x
Mustaine, E. E., & Tewksbury, R. (2000). Comparing the lifestyles ofvictims, offenders, and victim-offenders: A routine activity theory assessment of similarities and differences for criminal incident participants. Sociological Focus, 33(3), 339-362. https://doi.org/10.1080/00380237.2000.10571174
Naidoo, R. (2015). Analysing Urgency and Trust Cues Exploited in Phishing Scam Designs. In International Conference on Cyber Warfare and Security (pp. 216-222). Academic Conferences International. https://www.proquest.com/openview/dadlbd4d21a8d5ca6a007dl4cef9224c
Ngambeki, L, Ahluwalia, G., Ansari, S., Li, M., & Arui, G. L. R. (2021). Developing a Social-Engineering Course. In 2021 IEEE Frontiers in Education Conference (FIE) (pp. 1-8). IEEE. https: //doi.org/l0.1109/FIE49875.2021.9637328
Ogunleye, Y. 0., Ojedokun, U. A., & Aderinto, A. A. (2019). Pathways and Motivations for Cyber Fraud Involvement among Female Undergraduates of Selected Universities in South-West Nigeria. International Journal of Cyber Criminology, 13(2), 309-325. https://www.cybercrimejournal.com/pdf/OgunleyeetalVoll3Issue2IJCC2Q19.pdf
Park, Y., Jones, J., McCoy, D., Shi, E., & Jakobsson, M. (2014). Scambaiter: Understanding Targeted Nigerian Scams on Craigslist. Internet Society. https://assetpdf.scinapse.io/prod/2049900312/2049900312.pdf
Pellón, I. A., & Anesa, P. (2020). Advance-Fee Scams: A Corpus and Genre Analysis. In Multiperspectives in analysis and corpus design (pp. 1-14). Comares. https://hdl.handle.net/10446/164368
Pratt, T. C., Holtfreter, K., & Reisig, M. D. (2010). Routine online activity and internet fraud targeting: Extending the generality of routine activity theory. Journal of research in crime and delinquency, 47(3), 267-296. https://doi.org/10.1177/0022427810365903
Prinz, J. (2013). Siegel's get rich quick scheme. Philosophical Studies, 163(3), 827-835. httns://doi.org/10.1007/sl 1098-012-0015-4
Putera, A. P., & Huda, M. K. (2021). Bank Agency in Comparison between Indonesia Legal Perspective and Common Law System. Croatian International Relations Review, 27(87), 199-220. http://www.cirri.org/index.php/cirri/article/view/489
Rege, A. (2009). What's Love Got to Do with It? Exploring Online Dating Scams and Identity Fraud. International Journal of Cyber Criminology, 3(2), 494-512. https://www.cybercrimeiournal.com/pdf/AunshulIlCCluly2009.pdf
Rege, A., Williams, K., & Mendlein, A. (2019). A social engineering course project for undergraduate students across multiple disciplines. In 2019 International Conference on Cyber Security and Protection of Digital Services (Cyber Security) (pp. 1-81. IEEE, https://doi.org/10.1109/CvberSecPQDS.2019.8885085
Ross, A. (2009). Information security: where computer science, economics and psychology meet. Philosophical Transactions of the Royal Society A: Mathematical, Physical & Engineering Sciences, 367(1898), 2717-2727. https://doi.org/10.1098/rsta.2009.0027
Rouse, M. (2013). Distributed denial of service (DDoS) attack. SearchSecurity.
Samtani, S., Chinn, R., Chen, H., & Nunamaker Jr, J. F. (2017). Exploring emerging hacker assets and key hackers for proactive cyber threat intelligence. Journal of Management Information Systems, 34(4), 1023-1053. https://doi.org/10.1080/074212 22.2017.1394049
Shadmanfaat, S. M., Howell, C. J., Muniz, C. N., Cochran, J. K., Kabiri, S., & Fontaine, E. M. (2020). Cyberbullying perpetration: An empirical test of social learning theory in Iran. Deviant Behavior, 41(3), 278-293. https://doi.org/10.1080/01639625.2019.1565513
Sidi, Y., Glikson, E., & Cheshin, A. (2021). Do You Get What I Mean?!? The Undesirable Outcomes of (Ab) Using Paralinguistic Cues in Computer-Mediated Communication. Frontiers in psychology, 12, 658844. https://doi.org/10.3389/fþsyg.2021.658844
Skinner, W. F., & Fream, A. M. (1997). A social learning theory analysis of computer crime among college students. Journal of research in crime and delinquency, 34(4), 495-518. https: //doi.org/10.1177/0022427897034004005
Stewart, E. A., Elifson, K. W., & Sterk, C. E. (2004). Integrating the general theory of crime into an explanation of violent victimization among female offenders. Justice Quarterly, 21{ 1), 159-181. https://doi.org/10.1080/07418820400095771
Sutherland, E. H. (1947). Principles of Criminology: A Sociological Theoiy of Criminal Behavior (4th ed.). J. B. Lippincott. https://psvcnet.apa.org/record/1948-02673-000
Trahan, A., Marquart, J. W., & Mullings, J. (2005). Fraud and the American dream: Toward an understanding of fraud victimization. Deviant Behavior, 26(6), 601-620. https://doi.org/10.1080/01639620500218294
Voinov, V., Nikulin, M., & Balakrishnan, N. (2013). Chi-Squared Goodness of Fit Tests with Applications. Waltham, MA: Elsevier, Inc. http://sadbhavnapublications.org/researchenrichment-material/2-Statistical-Books/Chi-Squared-Goodness-of-Fit-Tests-withApplications.pdf
Wang, F., Howell, C. J., Maimon, D., & Jacques, S. (2021). The Restrictive Deterrent Effect of Warning Messages Sent to Active Romance Fraudsters: An Experimental Approach. International Journal of Cyber Criminology, 15(1), 1-16. https://cybercrimejournal.com/pdf/IJCC-l-202 l.pdf
Wang, G., Koshy, J., Subramanian, S., Paramasivam, K., Zadeh, M., Narkhede, N.. Rao, J., Kreps, J., & Stein, J. (2015). Building a replicated logging system with Apache Kafka. Proceedings of the VLDB Endowment, 8(12), 1654-1655. https://doi.org/10.14778/2824032.2824063
Whitty, M. T. (2013). The scammers persuasive techniques model: Development of a stage model to explain the online dating romance scam. British Journal of Criminology, 53(4), 665-684. https://doi.org/10.1093/bic/azt009
Whitty, M. T., & Buchanan, T. (2012). The online romance scam: A serious cybercrime. Cyberpsychology, behavior, and social networking, 15(3), 181-183. https://doi.org/10.1089/cvber.2011.0352
Williams, M. L. (2016). Guardians upon high: An application of routine activities theory to online identity theft in Europe at the country and individual level. British Journal of Criminology, 56(1), 21-48. https://doi.org/10.1093/bjc/azv011
Workman, M. (2007). Gaining access with social engineering: An empirical study of the threat Information Systems Security, 16(6), 315-331. https: //doi.org/10.1080/10658980701788165
Workman, M. (2008). Wisecrackers: A theory-grounded investigation of phishing and pretext social engineering threats to information security. Journal of the American society for information science and technology, 59(4), 662-674. https://doi.org/10.1002/asi.20779
Yip, M., Shadbolt, N., & Webber, C. (2013). Why forums? An empirical analysis into the facilitating factors of carding forums. In Proceedings of the 5th annual ACM web science conference (pp. 453-462). ACM Digital Library. https://doi.org/10.1145/2464464.2464524
Yusni, M., Nasution, B., & Tan Kamello, S. (2021). Settlement of Problem/Nonperforming Loans through Non-Litigation Methods by Government Banks in Indonesia. International Journal of Criminal Justice Sciences, 16(2), 162-176. https://iicis.com/menu-script/index.php/iicis/article/view/406
Zhou, L., Burgoon, J. K., & Twitchell, D. P. (2003). A longitudinal analysis of language behavior of deception in e-mail. In International Conference on Intelligence and Security Informatics (pp. 102-110). Springer, https://doi.org/10.1007/3-54044853-5 8
Zhu, H., Xiong, H., Ge, Y., & Chen, E. (2014). Mobile app recommendations with security and privacy awareness. In Proceedings of the 20th ACM SIGKDD international conference on Knowledge discovery and data mining (pp. 951-960). ACM Digital Library. https://doi.org/10.1145/2623330.2623705
Appendix A. Politeness and Urgency and Delay Linguistic Cues Categized.
Research suggests individuals will act to serve their personal needs, especially in reaction to a threat and/or opportunity. Specifically, psychological research indicates an actor will act based on rewards or penalties (i.e., threat and/or opportunity), often communicated through written text in online advertisements or communications (Naidoo, 2015; Sidi et al., 2021; Workman, 2007). I constructed two distinct categories of politeness and urgency cues using prior research to cluster offenders' linguistic communications directed at the featured resume profiles (see Atkins and Huang (2013); Pellón and Anesa (2020)). The table below further illustrates the method used to quantify the qualitative data collected from the email communication between the featured resume profiles and fraudsters.
You have requested "on-the-fly" machine translation of selected content from our databases. This functionality is provided solely for your convenience and is in no way intended to replace human translation. Show full disclaimer
Neither ProQuest nor its licensors make any representations or warranties with respect to the translations. The translations are automatically generated "AS IS" and "AS AVAILABLE" and are not retained in our systems. PROQUEST AND ITS LICENSORS SPECIFICALLY DISCLAIM ANY AND ALL EXPRESS OR IMPLIED WARRANTIES, INCLUDING WITHOUT LIMITATION, ANY WARRANTIES FOR AVAILABILITY, ACCURACY, TIMELINESS, COMPLETENESS, NON-INFRINGMENT, MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. Your use of the translations is subject to all use restrictions contained in your Electronic Products License Agreement and by using the translation functionality you agree to forgo any and all claims against ProQuest or its licensors for your use of the translation functionality and any output derived there from. Hide full disclaimer
© 2022. This work is published under https://creativecommons.org/licenses/by-nc-sa/4.0/ (the “License”). Notwithstanding the ProQuest Terms and Conditions, you may use this content in accordance with the terms of the License.
Abstract
Online fraud is ever-increasing with fraudsters who use a variety of platforms, like online employment classified advertisement databases, to defraud unsuspecting users. The literature suggests fraudsters achieve this by imitating legitimate individuals and organizations to deploy their SE characteristics and tactics for the purpose of gaining users' personal, sensitive and financial information for their own personal gain. The research objective of the current study is to explore the extent fraudsters' SE attacks, such as linguistic cues and tactics, differ depending on a user's online resume presentation on employment database websites. The current study uses a mixed methods analysis to quantify the qualitative data extracted from fraudsters who pretend to be legitimate employers/employment opportunities online. The findings suggest an association between unique fraudsters and fraud instances and the demographics of a featured resume profile. Additionally, the results indicate that a fraudster's technological ability and thus sophistication may influence SE characteristics, especially their tactics to defraud targets. The study emphasizes the critical role human behavior plays during an online fraud attack with recommendations for future research and policy. The findings suggest fraudsters socially learn and adapt to their online environment and consequently emphasize the importance of identifying offenders' ever-changing strategies to defraud users while educating potential targets.
You have requested "on-the-fly" machine translation of selected content from our databases. This functionality is provided solely for your convenience and is in no way intended to replace human translation. Show full disclaimer
Neither ProQuest nor its licensors make any representations or warranties with respect to the translations. The translations are automatically generated "AS IS" and "AS AVAILABLE" and are not retained in our systems. PROQUEST AND ITS LICENSORS SPECIFICALLY DISCLAIM ANY AND ALL EXPRESS OR IMPLIED WARRANTIES, INCLUDING WITHOUT LIMITATION, ANY WARRANTIES FOR AVAILABILITY, ACCURACY, TIMELINESS, COMPLETENESS, NON-INFRINGMENT, MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. Your use of the translations is subject to all use restrictions contained in your Electronic Products License Agreement and by using the translation functionality you agree to forgo any and all claims against ProQuest or its licensors for your use of the translation functionality and any output derived there from. Hide full disclaimer
Details
1 Georgia State University