Cybercriminals are targeting these types of people

A study has revealed that agreeable people are most likely to fall victim to providing private and sensitive information to cybercriminals.

The study was conducted by Cape Town-based system analyst Vian Smit, who recently graduated from Stellenbosch University with a master’s in Socio-Informatics.

Smit surveyed roughly 700 people to investigate how they would respond to different social engineering attacks based on their personality type.

He focused on the so-called Big Five personality types: conscientiousness, extraversion, agreeableness, openness, and neuroticism.

Of the personality types examined, agreeable people were found to be the most prone to falling victim to social engineering attacks.

“People with an agreeable personality are compassionate, altruistic, friendly, trusting, sympathetic, kind, and forgiving,” Smit said.

“Their inclination to always be kind and wanting to help others puts them at a disadvantage when they are faced with a social engineering attack.”

This makes them particularly vulnerable to phishing, which involves duping someone into opening fake emails and messages, and smishing, which involves using deceptive texting to gain sensitive information.

Agreeable people are also prone to impersonation, pretexting, and attacks that involve malicious links hidden in QRishing.

They were followed by conscientious people, who are disciplined and respectful of rules, and extroverts, who are outgoing and sociable.

Extroverts were found to violate cybersecurity policies more often, thus complying with malicious requests more frequently.

Smit notes that extroverts tend to be victims of malvertisments — being manipulated into downloading a malicious piece of software — and fake Wi-Fi networks used to access someone’s device.

Conscientious people tended to be vulnerable to similar attacks that agreeable people are prone to.

Those within the neurotic, emotionally unstable and anxious people, and open-minded groups were seen as less likely to be prone to these attacks.

Neurotic people tend to be easy targets for fake applications and plug-in attacks.

Smit says cybercriminals use these social engineering techniques to trigger our psychological needs, such as the desire to be liked or trusted.

“Understanding the personality traits that are most vulnerable to social engineering attacks can help cybersecurity experts develop more effective protection strategies,” Smit argues.

“Armed with a deeper understanding of the human psyche, organisations can navigate the complexities of cybersecurity with confidence, safeguarding their most valuable assets in an ever-changing threat landscape.”

Because cybersecurity measures also consider personality types, organisations face a greater challenge in mitigating the effects of social engineering attacks.