Just as inoculating someone with a weakened version of a virus can help to protect them against the real thing, recently published research suggests that exposing people to simulated Social Security scams in training sessions may be a powerful way to protect them against actual con artists.
Part of the secret to helping people resist scams is “breeding familiarity,” says Cliff Robb, an associate professor in the consumer science department at the University of Wisconsin-Madison and coauthor of two recent, Social Security–funded studies on preventing impostor fraud.
Get instant access to members-only products and hundreds of discounts, a free second membership, and a subscription to AARP the Magazine.
In these scams, crooks pretending to be from Social Security, the IRS, Amazon or other familiar entities send emails or text messages that aim to deceive their targets into giving up money or sensitive personal information. Social Security is the most common subject of government impostor fraud, according to the Federal Trade Commission, which received more than 217,000 complaints about such scams in 2021. Victims reported $148.5 million in losses.
The Social Security Administration (SSA) posts detailed information on its website about impostor scams (as does AARP) and uses other channels to spotlight the problem, including prominent “scam alert” warnings on envelopes of mail sent to millions of Americans.
‘Pre-bunking’ impostor scams
In their research, Robb and his colleagues tried another method, known as “inoculation theory,” in which people are exposed to a dangerous appeal in a controlled setting so they can learn over time to resist it. “Pre-bunking,” as the technique is also known, has been used effectively to combat recruiting campaigns by extremist groups and misinformation from fake news sources.
In one experiment involving a nationally representative group of more than 1,000 U.S. adults, Robb and behavioral scientist Stephen Wendel showed some participants an assortment of messages, including both authentic SSA communications and others modeled on scam texts and emails. People were asked to guess whether each message was real or fake, and were given pointers about what details might help them tell the difference.
Other participants were given only “static information” beforehand, such as unrelated reading matter about internet addiction (in the case of a control group) or existing SSA warnings about scams. In subsequent tests, those who received the interactive training performed significantly better at identifying both fraudulent messages and real ones.
Exposure to simulated scams “helped people to deal with and identify the core mechanisms by which these scams operated and, essentially, helped them to build up defenses,” Robb says. Over time, he adds, it becomes second nature for subjects to spot “the hallmark of false communications,” as well as indications that a message can be trusted.
“What they found in terms of interactive engagement makes a lot of sense,” Kathy Stokes, director of fraud prevention programs at AARP, says of the study. “We see it for ourselves in the cybersecurity training we get as employees of AARP. That’s also the intent behind sending employees fake scam emails to see if they interact.”