Detecting and Mitigating Cyber-Psychological Tricks and Cyber-Technical Tricks in Cyberattacks

The detecting and mitigating of cyber-psychological tricks and cyber-technical tricks is still an active challenge in cyberspace security. The advancement and convergence of technologies are going parallel with the emergence of new challenging cyber attacks such as advanced persistent threats (APTs), zero-day attacks, and others that are sophisticated and stealthy. In that sense, the study of cyber-psychological and cyber-technical tricks is inevitable in cybersecurity solution planning. This study aimed to explore the cyber-psychological tricks, cyber-technical tricks, indicators, and their mitigation strategies. The study applied the metadata analysis research approach to compile, compare, and analyze the different theoretical and empirical findings. The study found that the common cyber-psychological tricks are Fear, Authority, Social Proof, Exclusivity, Scarcity, Emotional Appeals, Reciprocity, Urgency, Familiarity, and Curiosity, and the effective mitigating strategy of psychological ticks is the training of the users. On the other hand, the study evidenced that common cyber-technical tricks are Spoofing, Malware Delivery, Phishing Kits, Domain Spoofing, DNS Spoofing, Man-in-the-Middle (MitM), Credential Harvesting, SSL Stripping, Card Skimming, URL Manipulation, Data Breach through Phishing, Exploit Vulnerabilities, Credential Stuffing, Phishing via SMS (Smishing), Fake Academic Portals, Network Sniffing, Fake Donation Links, Social Media Phishing, SCADA Exploits and Network Scanning. The mitigation of these cyber-technical tricks requires the end users to be trained on how to get rid of the cyber-attacks. Therefore, we concluded that cyber-psychological tricks are the first runners for cyber-technical tricks, and the effective mitigation strategy is the training for users. Thus, we recommend that cybersecurity stakeholders (targets of cyber-attacks) such as health, education, government agencies, and business enterprises establish both psychological awareness and technical know-how; off and on-the-job training programs for their staff and customers to increase the organizational reputation.