Phishing Attacks: Preying on Human Psychology to Beat the System and Developing Cybersecurity Protections to Reduce the Risks


  • Natasha M Wojcicki Dominican University


The evolution of technology over the years has allowed people to more easily store, access, and share information on the Internet.  People can bank online, shop, and post their latest life news.  Unfortunately, all this available information has attracted the attention of cybercriminals who want to use this personal information for fraudulent purposes.  A common technique used by cybercriminals to obtain sensitive information is a scam called phishing.  Criminals pose as a trusted entity in order to trick victims into revealing sensitive information that they will later use to commit illegal money transfers, identity theft, or other fraud.  The consequences of phishing scams may lead to the loss of data, money, identity, reputation, and trust.  As a result, organizations and individuals need to familiarize themselves with the process of a phishing attack and how to protect their systems and information.  Organizations and individuals not only need the proper hardware and software to protect their information, but they also need to understand that cybercriminals prey on human psychology.  Cybercriminals often use social engineering tactics to persuade people to willingly share their personal information.  Therefore, cybersecurity policies and security prevention tips should address technical elements, as well as human behavioral factors that use the CIA (Confidentiality, Integrity, and Availability) model as a guide.

Author Biography

Natasha M Wojcicki, Dominican University

Natasha M. Wojcicki is a current graduate student of the MSIM program at Dominican University in River Forest, Illinois.  In 2006, Natasha graduated from Dominican University with her B.A. in Criminology and Sociology.  In 2008, she graduated with her M.A. in Sociology at Loyola University of Chicago.  Natasha is currently working towards her Master of Science degree in Information Management with a specialization in cybersecurity.