How Scammers Take Advantage

Cyber attackers are constantly crafting new ways to trick us into doing things we shouldn’t, like clicking on malicious links, opening infected email attachments, purchasing gift cards or giving up our passwords. They often use different technologies or platforms to try to trick us, such as email, phone calls, text messaging, or social media. While all of this may seem overwhelming, most of these attacks share the same thing: emotion. By knowing the emotional triggers that cyber attackers use, you can often spot their attacks no matter what method they’re using.

We, as humans, often make decisions based on emotions instead of facts. Fortunately for us, if we know the emotional triggers to look for, we can successfully spot and stop most attacks. Listed below are the most common emotional triggers to watch out for.

Middle-aged man talking on the phone


Urgency: Urgency is one of the most common emotional triggers and is highly effective. Cyber attackers will often use fear, anxiety or intimidation to rush you into making a mistake. One example could be an urgent email from your boss demanding sensitive documents to be sent right away, when in reality it’s a cyber attacker pretending to be your boss. Or perhaps you get a text message from a cyber attacker pretending to be the government informing you that your taxes are overdue, and you have to pay now or get fined. Remember to slow down and be aware of potential scams before taking any action.

Surprise/Curiosity: Oftentimes, the most successful attacks say the least. Curiosity is evoked with surprise; it’s a response to something unexpected. For example, a cyber attacker sends you a message that a package is undelivered and to click on a link to learn more, even though you did not order anything. We are enticed to learn more! Unfortunately, there’s no package, just malicious intent on the other side of that link.

Trust: Attackers use a name or brand you trust to convince you into taking an action. For example, a message pretending to be from your bank, a well-known charity, a trusted government organization, or even a person you know. Just because an email or text message uses the name and logo of an organization you know, doesn’t mean the message actually came from them.

Empathy/Compassion: Cyber attackers often take advantage of people’s goodwill. For example, after a disaster appears on the news, they’ll send out millions of fake emails pretending to be a charity serving the victims and asking for money.

By better understanding these emotional triggers, you will be far better prepared to spot and stop cyber attackers, regardless of the lure, technology, or platform they use.

Remember, Royal Bank will never call to ask for your personal identification information like usernames and passwords.