Rational choice on a hacker forum: The effect of risk and reward cues on target selection for account hijacking

classical criminology indidivual offenders cyber-dependent crime hacking quantitative methods

Journal article

Danielle Stibbe (Netherlands Institute for the Study of Crime and Law Enforcement (NSCR) & Department of Sociology, Utrecht University) , Stijn Ruiter (Netherlands Institute for the Study of Crime and Law Enforcement (NSCR) & Department of Sociology, Utrecht University) , Wouter Steenbeek (Netherlands Institute for the Study of Crime and Law Enforcement (NSCR)) , Asier Moneva (Netherlands Institute for the Study of Crime and Law Enforcement (NSCR) & Centre of Expertise Cyber Security at The Hague University of Applied Sciences)
2025-02-05

Abstract

This online field experiment tested how risk and reward cues in (fake) account credential ads on a hacker forum influence target selection for account hijacking. High-risk posts, warning of account monitoring, received fewer views, while high-reward posts, promising benefits, attracted more. An unexpected law enforcement operation targeting an illicit marketplace created a natural experiment, triggering increased removals of high-risk posts by forum administrators, which slowed over time. These findings suggest hacker forum users respond rationally to risk and reward cues in target selection, and forum administrators adapt their moderation efforts in response to external threats to reduce perceived risk.

Links

Reuse

Text and figures are licensed under Creative Commons Attribution CC BY 4.0. The figures that have been reused from other sources don't fall under this license and can be recognized by a note in their caption: "Figure from ...".