Vian Smit
Personality type is a major factor in people’s vulnerability to cybercrime, a Stellenbosch University (SU) researcher has established. People with an “agreeable” personality were more vulnerable than others to “social engineering” cyberattacks.
The research was carried out by systems analyst Vian Smit, who recently graduated with a master’s in socio-informatics from SU.
Smit surveyed nearly 700 people for his research. They were divided into five “personality types” – conscientious, extravert, agreeable, open, and neurotic. These categorisations were those used in cybersecurity.
His survey addressed the likeliness of the people in these categories responding to social engineering attacks (in which cybercriminals try and trick people into revealing private information or passwords or into clicking on harmful links).
“Among the personality types I examined, agreeableness emerged as the most vulnerable to social engineering tactics,” he reported. “Individuals with high levels of agreeableness were found to be particularly susceptible to manipulation by cybercriminals. Conversely, neuroticism, marked by emotional instability and anxiety, exhibited the lowest susceptibility to such attacks. People with an agreeable personality are compassionate, altruistic, friendly, trusting, sympathetic, kind and forgiving.
“They’re not suspicious and hostile and want to please people. They generally believe in the goodness of humanity and that other people are honest and have good intentions. Their inclination to always be kind and wanting to help others puts them at a disadvantage when they are faced with a social engineering attack.”
Of the other personality types, the conscientious were marked by being disciplined, motivated and respecting rules and procedures. Extraverts were outgoing, sociable and thrill-seeking. Open personalities were so-called because they were open to new experiences, events, ideas and beliefs.
Conscientious types were the second most likely to fall victim to social engineering attacks, while open personalities were the category second least vulnerable to such attacks.
However, each personality type was particularly vulnerable to different specific types of attack. For example, while the least susceptible group overall, neurotic personality types were often easy targets for attacks using fake apps or plug-ins.
“Understanding the personality traits that are most vulnerable to social engineering attacks can help cybersecurity experts develop more effective protection strategies,” he highlighted.
However, each personality type was particularly vulnerable to different specific types of attack. For example, while the least susceptible group overall, neurotic personality types were often easy targets for attacks using fake apps or plug-ins.