Hacking kindness: Cybercriminals exploiting our best intentions

Emotional content - both negative and positive - is effective in manipulation
  • 13 Hours Ago
Cybercriminals are not only using fear and urgency to exploit their victims. Positive emotions such as empathy, curiosity, and a desire to help, are also being exploited, warns Anna Collard, SVP of Content Strategy and CISO Advisor at KnowBe4 Africa.

“Emotional manipulation is a common tactic in social engineering,” says Collard. “We have all heard about fear-based tactics or scams that create a sense of urgency, but scammers also focus on positive feelings, like compassion and love, to take advantage of their victims.”

For example, “they create fake fundraisers or charities involving children, the elderly, or natural disasters to trigger immediate compassionate responses,” she comments. “These scams are often supported by fake testimonials and deepfake videos or AI-generated content showing the supposed impact of their charitable work.”



Manipulation

“Fear-based scams remain highly effective. Urgency and panic consistently work because they trigger fight-or-flight responses, create time pressure, or exploit our fear of loss. However, positive emotions also lower our defences,” Collard asserts.

“When people feel good about helping others, they’re less likely to question whether something is a scam. Research shows that the ‘warm glow’ effect from helping can temporarily reduce critical thinking, as we rely more on mental shortcuts than analysis.”

Kindness also activates reward centres in the brain, creating a positive feedback loop that criminals can exploit. “These tactics create a sense of connection and purpose,” Collard explains. Victims are particularly susceptible when already emotionally invested. The sunk-cost fallacy can come into play, where someone who has already donated or helped feels compelled to give more.



Trust-based scams

Common scams include fake charity drives that mimic legitimate organisations like UNICEF or CANSA. These tactics are especially effective in communities with strong collective values, such as the South African concept of ubuntu. “Criminals co-opt cultural values by framing their scams as community-building initiatives,” she warns.

Highly organised romance fraud and ‘pig butchering’ scams where criminals build long-term relationships before defrauding victims, are other prominent examples. “These scams often employ sophisticated psychological tactics to build trust and exploit loneliness over many months,” she adds. They rarely ask for money directly, making them harder to detect.



What can you do?

Collard advises caution without cynicism. “Take a moment to verify before you donate,” she says, recommending independent online resources to check charitable organisations and causes.

She also suggests a 24- to 48-hour pause before making financial decisions involving emotional appeals, especially donations, helping someone, or potential investments. “Transactions should be made with a clear, level-headed mind, not emotionally. Discuss potential donations or investments with trusted friends or family, and use secure, traceable payment methods rather than cash, cryptocurrency, or prepaid cards.”



What can organisations do?

For organisations running security awareness training, it is vital to teach employees to recognise emotional manipulation, not just technical threats. Collard recommends including scenarios involving charity scams, fake volunteer opportunities, and community investment fraud. “Training should emphasise that verification is caring, not cynicism.”

She also advises developing materials that respect cultural values while promoting security, making the training relatable and reducing human risk. “Use local examples and cultural context in phishing simulations,” she says.

Policy improvements can include approval processes for charitable giving or community investments. “Create clear guidelines and verification procedures for employees engaging with external organisations,” she comments.



Understanding victim psychology

Victims of romance scams and pig-butchering schemes should be approached with empathy rather than judgment, as these scams create genuine emotional dependency.

“Victims often form real emotional bonds with their abusers,” Collard explains. “Asking someone to ‘just stop talking to them’ is like asking them to end a relationship they believe is loving and supportive. They need time, patience, and often professional support to rebuild their judgment.”

Finally, she stresses the importance of avoiding cynicism. “Cybersecurity awareness is about protecting your ability to genuinely help others,” Collard concludes. “Being security-conscious safeguards both you and legitimate causes, enabling more effective, sustainable giving.” - Distributed by APO Group on behalf of KnowBe4