In our research into the human factors of cybersecurity, we
look at theories from psychology of how your brain believes things
without really thinking about them — what scientists know
about how we absorb false ideas before we even realize it.
The first idea is that you can't help believing everything that you
read. Our minds accept all things that we encounter at face value
— at least, until we have the time to weigh it and judge whether
what we perceive is trustworthy.
The second idea is that we use two different systems of thinking —
fast, and one slow. System 1 is unconscious, nonrational and
instantaneous, while System 2 is the one that is deliberate, rational,
and takes time. System 1 is the one that we likely use the most.
The third idea is that marketers and salespeople, along with
cyberattackers and con artists, use
social "weapons" to influence our behavior. These include Liking,
Authority, and Social Proof. We want people to show their approval to us
and to think positively of us. Other weapons include Scarcity,
Reciprocity, and Commitment and Consistency with our self-beliefs. We
consider ourselves to be good people, and our actions show others that
we are just as good as them, or better.
The fourth idea is that we believe that things are true because we would
like them to be true. When we look for evidence of something, we
tend to see what we want to see. And when we find evidence that confirms
our beliefs, we tend not to keep looking for evidence that contradicts
those beliefs or provides a different, but valuable, perspective.
Learn more about our research at socialcybersecurity.org and by
looking up the references listed here.