• CSNP

Shame on you, you got HACKED!

Updated: Jul 1, 2021


Crayon drawings of people

Author Ajayi Anwansedo


Have you or someone you know been hacked before?


“Nine in 10 Americans have been a victim of some form of hack/scam like fraud, a data breach, identity theft, email or social media hacking” - New York Post


So, it’s either you have been hacked or nine people you know have been hacked!


Questions we should ask ourselves, if most people have been hacked:

  • Why do people shame the victims?

  • Why do they ask questions like - What were you thinking? Why did you do that?

  • Or make statements like - I cannot believe you fell for that! Not you! That’s a dumb thing to do!

  • Is it a case of “my hack/scam is more complicated than yours”, or “my hacker/scammer is more intelligent than yours”?

What is a Hack?


A hack is when someone gains unauthorized access to data in your computer or mobile device. Hacking is usually done with the intent of scamming the victim. Sometimes, such hack or scam can be done for good. However, the hacking discussed in this article are those associated with fraudulent activities.


Victim Blaming?


Victim blaming is the point of view that the victim is to blame for the hack/scam because of something they did. While I agree with Troy Hunt that the victims of hacked accounts should share the blame, they should not be shamed for their actions. Unfortunately, in most instances the blame goes with the shame.


Victim Shaming?


Victim shaming on the other hand is to blame the victim with undertones of disgust, contempt, disappointment, resentment, and irritation.


The Difference – Blame and Shame


Blame - “you did not set up your 2-step authentication, that is why the hacker hacked your account”


Shame - “I cannot believe you did not set up your 2-step authentication!”, “with your experience in tech you should know better”


Why people shame hacked victims?


In her article “No laughing matter: Blaming the victim of online fraud,” Cassandra Cross reported that hacked victims are viewed as “greedy and gullible”. This is because what comes to mind when people think or hear about a hacked victim, is someone who fell for some “get rich quick trick”.


Not someone who was told by a “trusted member” of a group they belong to, to click on a link for a meeting (especially in these Covid days).


The use of advanced social engineering techniques by highly skilled professionals is completely ignored.


Effects of victim blaming/shaming


One of the major effects of victim blaming/shaming apart from the psychological and the financial effect on the victim is the effect on the fight against online/mobile fraud.

Because of the blame/shame associated with being hacked, hacked victims are less likely to share their experiences with their family, friends, or the authorities. This makes the fight against cyber attack harder - FBI’s Don Freese


Considering that cyber attacks are relatively new and evolve quickly, one of the most effective ways to stop them, is for victims to alert others. This can be especially effective in the case of WhatsApp or similar groups.


A recent BBC news article decried the continuous spread of the WhatsApp hijack scam.

For one second, let’s think about the magnitude of these WhatsApp hacks. Suppose that you are a member of a WhatsApp group with 256 members. An average person in the group may have 200-500 contacts in their phone.


Someone in the group gets hacked and they do not alert the group admin or members because they do not want to be seen as been greedy or gullible.


Now, the hacker has access to possibly 51,200 (256 x 200) – 128,000 (256 x 500) contacts!

Including yours!


If I remember my statistics correctly this large number of contacts increases the hacker’s, chances of “fraud success”. If only the hacked victim was not afraid of been blamed/shamed and did alert the group admin and members, then maybe only one person is hacked instead of other 51200 -128,00 people.


Conclusion


With advances in social engineering, and the increased sophistication of hackers, we may have to rely on hacked victims to sound the alarm not only to stop the spread of these attacks but also to expose novel hack/fraud schemes.


Interesting articles about hacking/scamming:


https://nypost.com/2019/12/06/more-than-60-of-americans-say-theyve-been-a-victim-of-an-online-scam/


https://www.troyhunt.com/when-accounts-are-hacked-victims-must-share-the-blame/


https://eprints.qut.edu.au/83702/1/Cross_IRV_submitted.pdf


https://searchsecurity.techtarget.com/blog/Security-Bytes/FBIs-Freese-Its-time-to-stop-blaming-hacking-victims


https://www.bbc.com/news/technology-57357301


About the Author: Ajayi Anwansedo is a is a computer scientist, an educator and a researcher. She is a recipient of the 2021 Aspirations in Computing (AiC) Educator Aw

67 views0 comments