Академический Документы
Профессиональный Документы
Культура Документы
ABSTRACT
Security is one of the most important aspect in information technology era. Many service
providers have put their effort in developing secure system for information technology service.
Yet, in many cases the vulnarabilities are not in the system but in human side as a user.
Psychological aspect of human is the most vulnarable in security since it can be manipulated,
decived, and influenced. Social engineering is one of the most prominent technique in
infulencing and manipulating human psychology and thought which is delivered through
language. This research is amed at analysing the advertisment, pop-up, and fake email that used
as medium for social engineering. The data are taken from internet which indicate fake
information. The analysis is focuses on the linguistic features and sign used in the data. The data
are analysed by using pragmatic identity method and referential identity method. The result of
analysis shows that the deciever violates maxim quality in delivering the massage. Beside, the
result also shows that the deciver develop mental space by employing several main issues for
attracting target attention, they are sexual interest, financial interest, religious interest, and
gaming interest.
Key Words: social engineering, persuasion, deception, mental space
1. INTRODUCTION
2. METHOD
The data are taken from internet that contain information for persuding people
such as pop-up, banner-ad, and email. The data are coleected by using observational
method by employing note taking technique. Then the data are analysed by using
pragmatic identity method and referencial identity method. The reasearch is aimed at
figuring out the language strategy used by the deciever to gather information from the
target.
Studying and analyzing social engineering is not as simple as it looks. Since it
deals with human, who are complex and complicated, social engineering involves
several studies including linguistics, semiotics, communication, and psychology. In this
reseach, the analysis is focused on linguistic and semiotic aspect of social engineering.
However, in understanding the meaning of the data, some communication an
psycological concepta are also used to figure out the relationship between language and
deception.
Wierzbickas semantic explication relies on truth conditions, which dealing with the
nature of truth in human language production. The truth value of a sentence is whether
or not the sentence is true in the actual world.
In term of pragmatic, deception can be seen from Grice concept of converstional
implicature which focusing on cooperative principle Make your a conversational
contribution such as is required, at the stage at which it occurs, by the accepted purpose
or direction of the talk exchange in which you are engaged (Grice, 1975). Furthermore,
Grice elaborates the principle by providing four maxims: quality (truthfulness), quantity
(informativeness), relation (relevance) and manner (clarity). Grice concludes that in
order to gain truthfulness, people need to maintain the maxim. In other words, it can be
assumed that verbal and textual relationships with others need to maintain acceptable
standards of truthfulness. In fact, real communication is frequently violate the maxim
for various reason, including politeness and for manipulation. In many cases, deception
is based on the violating the maxim. The foundation of deception deals with the
potential victims assumption of truth. Having established this foundation by simply
opening the conversation, the deceptor then manipulate the quality maxim as well as the
remaining maxims to their advantage. Moreover, the speech act theory (Austin, 1962)
and politeness strategy are also important to be analyzed. Since the language is consider
as an action, then the the uttererance itself are consist of three types of action, they are
locutionary (lingusitic feature), illocutionary (meaning or intention), and perlucutionary
(effect of utterence). In manipulating people, the speaker has to frame the target through
series of truth that lead the target to believe in the primary intention.
Furthermore, the concept of mental spaces that proposed Fauconnier will help to
understand the relation on language and deception. Fauconnier defines mental spaces as
constructs distinct from linguistic structures but built up in any discourse according to
guidelines provided by the linguistic expressions (Fauconnier, 1994:16). Deception
deals with mental aspect of the targets which deliver through discourse concerning to
the certain issue, such as the detail information, problem, and virtue of the target. In
other word, the deceiver develops mental space which may influence target.
3. DICUSSION
As mention earlier that many people belive that persuasion is an art which
includes organized actions from information gathering to execution. Information
gathering is the first step that should be done carefully in order to get as much data as
possible concerning to the target. The deciver should know about detail information
such as personal information, abality, interest, job, etc. Beside, the deciver also need to
provide information from third party that can be used to decive the target. For example,
when deciever want to abaout someone, he or she may find information about third
party, such as a company or institution, then gather information concerning to what the
company do, the product or service of the company, location of the company, job
openings, contact number, executive board, mailing adress convention, and other
information that can be used to persuade or convince the target. All of these
informations are important which may help other to conduct further action to exploit the
target. In the active attack in which the deceiver has to lead the target into certain action,
the deceiver has to make the action as real as it is. Below are several example of
medium that the social engineer uses to gather information about the target.
The following ads is one of the data that shows how deciever gather information
about the target:
3
The picture above is a pop-up which appears when someone visit certain website
or click a certain botton in a web page. The picture is claiming that the visitor is
winning amount of money. To analyze the advertisement above, it can be divided into 3
parts:
Structure
Claim
Congratulation! You Won! You Won!
You Won!
Comment
The part is an oppening message which disigned
with big and bold font. The utterance is tell the
visitor that he/she has won amount of money. The
sentence is designed with simple and atractive
structure. The deciver uses imperative sentences
that directly pointed to the target.
Profiling
Where do You Want Us to Send Any The second part is profiling section which direct
the target to fill up the form. This part is the main
Prizes You Win?
part and can be considered as the intention of the
Your prize notifications and FreeLotto
entry confirmation, daily results and
sponsor advertising messages will be
sent will be sent only by FreeLotto.
YOUR EMAIL ADDRESS WILL NOT speaker want to know about the detail information
of the target.
BE SHARED WITH ANYONE
The next line consist of information that will
ensure the target has special concern of company
service. This utterance is used for further folow up
or deliver further action that target need to do to
claim their prize. By doing so, the deciver ensure
that they have target trust and make sure that all
information they send in the target email is true.
The last line of second part is statement that the
speaker or deciver will not share the personal
information of the target to other. This is important
statement in order to make sure that the target
believe about their security and privacy. However,
the utterance has implication that the speaker is
intended to say that their company is trustworthy.
Approval
The last part of the ads is the approval part that
provide information about term and condition for
the privacy and policy. This information is mention
in long sentence. Generely, people in internet are
rarely read the privacy policy. It delivers in long
sentence in order to make target confuse and
neglect the policy. By doing so the deciever make
sure that the target ignore the information and
conduct the following action.
The analysis above shows that the deciver uses persuasive language by applying three
layes. First is claim part which aim at catching target attention with imperative sentence and big
bold font. The deciever uses imperative sentence as a direct statement that will lead the target to
exciting feeling. The deciver also apply repetition technique in order to enforce the meaning. By
applying Fauconniers theory, it can be seen that repetition will create mental space to
the target mind. The actual truth conditions exist within the mental space constructed by
the language used in ads. The decievers communicative skill aim to construct the
mental space through discourse in such a way that can be accepted by the target as the
actual world or convincing truth. In order to convince the target, the deciver provides
details including policy, the prize that has been awarded to the winner, and official
signiture and stamp.
5
By analyzing the ads carefully, it can be infered that the main intention of the
deciver is not to exploit the target yet. The fist part of the ads is the attention catcher
which create mental attention in the targets mind. The next part is profiling which will
gather target personal information. This information will be used for the next attact
either by using fake email or using the information for password cracking, hacking
social media account, or sending pornographic link.
Furthermore, button also has important role in directing target to further attack.
The site that the button jumps will drive the target to has the malicious code, virus,
malware, or trojan. These dangerous codes will be injected to the computer of the target
or embeded to browser. By doing so, the diceiver makes sure that they have full access
to the target or victim. It can be seen in the ads that button is designed with simple
directive sentence Click to Release Your Winning. By using pragmatic analysis, the
meaning and the intention of the deciever can be discovered.
Locutionary act : Click to Release Your Winning
Illocutionary act : Give us your personal information and password
Perlocutionary : The target give their personal information and password
Here, the deciever violates maxim quality which can be indicated from the truth
condition. The button is not for claiming the prize but for lead the target to register or
sign up for a site. If the target clicks the button and provide their personal information,
the deciver will harvest the information concerning to email, password, phone number,
address, and other important information. The target realize that the offer is limited, so
they would click on it soon as they get pop-up ads, which more than likely is at work.
The following email is one of the further social enginering method that the deciver uses
to manipulate the target.
Analyze that email. First, it contains an offer that would attract the present
These email is recived by the target when they register or signed up for the website.
This email is used to direct the target providing detail information and make sure that
the the target has been convincing by the ads. Here, the deciver makes series of action
and persuasion to gather information of the target or victim.
After analysing the data, it can be found there are main issues used to pesuade
and decieving the targets, among other issues are related to:
1. Sexual interest
2. Financial interest
3. Religious interest
4. Gaming interest
These are four main issues used by the deciever to gather information and to exploit the
victim source and security.
4. CONCLUSION
Language is powerful tool to influence people. It can be used for good way or evil
way. The reseacrh shows that language can be used as a tool to exploit people and
taking adventage of the victim vurbarabilities. Social engineering is language skill to
find or discover people weakness and then use it to taking advantage from the victim.
The deciver violates the truth condition ot maxim in order to develop mental space in
target mind and make them accept the truth that the deciver send. There are several
issues that used by the diciver to exploit victim, they are sexual interest, financial
interest, religious interest, and gaming interest.
REFERENCE
Austin, John L., (1962). How to Do Things with Words. Harvard: Hardvar University
Press.
Bilgrami, Akeel. (1992). Belief and meaning: the unity and locality of mental content.
Cambridge: Blackwell Publishers.
Boush, David M., Marian Friestad, AND Peter Wright. (2009). Deception in the
marketplace : the psychology of deceptive persuasion and consumer self
protection. New York: Routledge.
Cull, Nicholas J., David Culbert, and David Welch. (2003). Propaganda and Mass
Persuasion: a Historical Encyclopedia. 1500 to the present. ABC-CLIO:
California.
Ekman, Paul. (2003). Unmasking the face. Malors Book: Cambridge.
Fauconnier, Gilles. (1994). Mental Spaces: Aspects of Meaning Construction in Natural
Language. Cambridge: Cambridge University Press.
Grice, Paul. (1975). Logic and Conversation. In Cole, P., and J.L. Morgan, eds. Speech
Acts. New York: Academic Press, 4158).
Hadnagy, Christopher. (2011). Social Engineering: The Art of Human Hacking.
Indianapolis: Wiley Publishing.
Hogan, Kevin. (1996). The psychology of persuasion : how to persuade others to your
way of thinking. Louisiana: Pelican Publishing Company.
Pietarinen, Ahti-Veikko (ed). (2007). Game Theory and Linguistic Meaning. Elsevier:
Amsterdam.
Richard Bandler and John Grinder. 1975. The Structure of Magic. Science and Behavior
Books: California.
Wierzbicka, Anna. (2006). English: Meaning and Culture. Oxford: Oxford University
Press.