Cybercrimeology

Notes: Cybercrime is often treated as a distinct phenomenon, but there are strong continuities with offline crime that are frequently overlooked. Digital technologies change behaviour and scale, but do not fundamentally alter the social dynamics underlying crime. There is a significant gap between the harms experienced by individuals and the institutions available to respond to those harms. Federal law enforcement has expanded cyber capabilities, but local and state-level responses to individual victimization remain limited. Private sector actors, particularly financial institutions, play a major role in responding to financially motivated cybercrime. Non-financial cyber harms, such as sextortion or image-based abuse, often fall outside both private and public response systems. In the absence of clear response pathways, private companies are emerging to fill the gap, sometimes exploiting victims seeking help. Public attitudes toward police in cybercrime contexts are shaped by perceptions that police do not care or are unable to help. These attitudes mirror broader perceptions of policing, indicating continuity between offline and online trust dynamics. Perceptions of police capability differ depending on the type of cybercrime: Computer-focused crimes (e.g., malware) are associated with lower perceived police usefulness Interpersonal cybercrimes (e.g., sextortion) are associated with higher perceived police relevance Perceived likelihood of victimization reduces confidence in police effectiveness, while fear increases it. Gender differences emerge, with men less likely to believe police can help in cybercrime contexts. A central problem is definitional ambiguity: There is no consistent definition of cybercrime across agencies This limits measurement, comparison, and policy design Reporting systems are fragmented and often poorly understood by the public. Cybercrime often involves chains of offences, making classification and response assignment difficult. Comparative research suggests that investment and coordination can improve public confidence, but large-scale successes do not always translate to individual-level trust. About our guest: Rachel McNealey https://www.linkedin.com/in/rachel-mcnealey-4b8720284/ Papers or resources mentioned in this episode: McNealey, R. L., Figueroa, C. I., & Maher, C. A. (2025). “Police can't help you”: Exploring influences on perceptions of policing cybercrime. Journal of Criminal Justice, 101, 102542. https://doi.org/10.1016/j.jcrimjus.2025.102542 Hale, R., & Penzendstadler, N. (2025, March 20). Digital forensics firms promise help to sextortion victims. Some leave them worse off. USA Today. https://www.usatoday.com/story/life/health-wellness/2025/03/20/digital-forensics-sexortion-blackmail-recovery-services/81934584007/ Other: Internet Crime Complaint Center (IC3): https://www.ic3.gov/

Notes: Dr Samuel Tanner began his doctoral research examining war crimes and armed militias involved in mass violence in the Balkans, conducting extensive fieldwork and interviews with participants on multiple sides of the conflict. A central puzzle of his PhD research was not denial of violence, but how individuals who acknowledged their participation struggled to explain how they came to commit acts of mass violence. This led to an intellectual shift from viewing violence as purely intentional to understanding it as embedded in structures, representations, and processes of sense-making. Following a postdoctoral year at MIT working with political scientist Roger Petersen, Dr Tanner deepened his focus on the relationship between political violence, identity narratives, and institutional structures. After joining the Université de Montréal, he shifted toward research on policing and later co-led a major project examining right-wing extremism in Canada beginning in 2013. The Canadian project revealed that relatively few participants were “true believers.” Many were navigating economic precarity, cultural uncertainty, and political confusion, often influenced by moral or ideological entrepreneurs. Fieldwork in this area involved significant challenges, including surveillance, threats, cancelled interviews, and difficulties accessing participants. During the COVID-19 pandemic, Dr Tanner and colleagues examined anti-restriction movements and observed how disinformation and fragmented information ecosystems shaped divergent interpretations of shared events. He argues that information is not neutral. Information produces order. The ways in which information is produced, amplified, and consumed shape how individuals interpret reality and coordinate socially. Social media platforms function as privatized public spaces, structuring discourse through governance mechanisms that are not democratically accountable. Dr Tanner’s more recent research focuses on the evolution of extremist discourse, particularly the emergence of “pop masculinism,” where gendered and anti-feminist narratives are embedded within popular culture, fitness culture, gaming aesthetics, and entrepreneurial self-discipline discourse. The “sigma” discourse operates as a gateway into broader manosphere ideologies by framing personal discipline and self-improvement in opposition to women, feminism, and equality discourse. Interviews with young men and women reveal perceptions of a growing gender gap, including feelings among some young men of status loss and lack of positive role models. Dr Tanner raises concern about the erosion of shared institutional facts and the desynchronization of social expectations, suggesting that social trust depends upon shared informational baselines. He argues for an expanded criminology attentive to digital environments, disinformation, and the governance of online prejudice, aligning with broader developments in digital criminology. Central to his work is the question: how do people make sense of their world when institutional anchors weaken and informational environments fragment? About our guest: Dr Samuel Tanner https://crim.umontreal.ca/repertoire-departement/professeurs/professeur/in/in15014/sg/Samuel Tanner/ Papers or resources mentioned in this episode: Tanner, Samuel & Gillardin, François (2025).Toxic Communication on TikTok: Sigma Masculinities and Gendered Disinformation.Social Media + Society, 11(1).https://doi.org/10.1177/20563051251313844 Open access PDF:https://doi.org/10.1177/20563051251313844 Leman-Langlois, Stéphane, Campana, Aurélie & Tanner, Samuel (2024).The Great Right North: Inside Far-Right Activism in Canada. McGill-Queen’s University Press. (Book overview: https://www.jstor.org/stable/jj.20829378) People mentioned in this episode: Jean-Paul Brodeur — Presses de l’Université de Montréal (institutional collection page) https://pum.umontreal.ca/collections/jean-paul-brodeur/ Roger D. Petersen — MIT Political Science profile https://polisci.mit.edu/people/roger-petersen Aurélie Campana — Université Laval (Faculté des sciences sociales) https://www.fss.ulaval.ca/notre-faculte/repertoire-du-personnel/aurelie-campana Stéphane Leman-Langlois — Université Laval (Faculté des sciences sociales) https://www.fss.ulaval.ca/notre-faculte/repertoire-du-personnel/stephane-leman-langlois François Gillardin — Centre international de criminologie comparée (CICC), Université de Montréal https://www.cicc-iccc.org/fr/personnes/etudiants-supervises/gillardin Francis Dupuis-Déri — UQAM Professor https://professeurs.uqam.ca/professeur/dupuis-deri.francis Anastasia Powell — RMIT University https://www.rmit.edu.au/profiles/p/anastasia-powell Other: The term enrobage naïf (or naïf enrobage, as said) refers to a veneer of naivety; in this case, a problematic discourse wrapped in innocent or everyday cultural forms, akin to a wolf in sheep’s clothing.

Notes:Dr Bekkers describes his academic pathway from psychology to criminology and explains why his research focus has consistently been on offenders and their behaviour rather than on offences or technologies.Cybercrime offenders are often portrayed as a homogeneous group of highly skilled hackers, but research shows they are a heterogeneous population with distinct motivations, skills, and pathways into crime.A key distinction can be made between financially motivated cybercrime, such as online fraud, and more technically complex cyber-dependent crimes such as hacking, DDoS attacks, and website defacement.Financially motivated cybercrime offenders often resemble traditional offline offenders and may commit both online and offline crimes, with similar risk factors, peer influences, and personality profiles.Technically skilled cyber offenders tend to show different characteristics, including higher levels of self-control and intrinsic motivations such as curiosity, challenge, and skill development.Research suggests that traditional criminological theories still help explain some forms of cybercrime, particularly financially motivated offences, while other forms require additional or adapted theoretical approaches.Gaming environments may act as pathways into certain forms of cybercrime by facilitating skill development, exposure to deviant peers, and access to illicit online forums, though gaming may also be protective in some contexts.Parental supervision and open communication may play a role in shaping online behaviour, similar to the role of guardianship and social control in offline offending.Law enforcement responses differ depending on the type of cybercrime, with financially motivated offences often handled by local police and more technical crimes investigated by specialized units.Dr Bekkers highlights the need for longitudinal research and greater engagement with offenders to better understand pathways into cybercrime and to inform prevention and intervention strategies.About our guest:Dr Luuk Bekkershttps://www.thuas.com/research/research-groups/team-cybercrime-cybersecurityhttps://www.linkedin.com/in/luuk-bekkers-79621b162/Papers or resources mentioned in this episode:Bekkers, L. M. J., Moneva, A., & Leukfeldt, E. R. (2025). Distinct group, distinct traits? A comparison of risk factors across cybercrime offenders, traditional offenders and non-offenders. Psychiatry, Psychology and Law, 1–25. https://doi.org/10.1080/13218719.2025.2546311Bekkers, L. M., Holt, T. J., & Leukfeldt, E. R. (2025). The psychological correlates of cybercrime offending: Exploring the self-control/social learning relationship in serious cyber-dependent crime. European Journal of Criminology, 0(0). https://doi.org/10.1177/14773708251378356Bekkers, L. M. J., Holt, T. J., & Leukfeldt, E. R. (2025). Exploring the factors that differentiate individual and group offenders in cyber-dependent crime. Journal of Criminal Justice, 101, 102522. https://doi.org/10.1016/j.jcrimjus.2025.102522

Notes:Julia Prümmer describes her transition from legal psychology into cybersecurity research and how psychological methods shape her approach to cybersecurity training.The discussion explores the role of systematic reviews in mapping what a research field actually knows, rather than relying on highly visible or frequently cited studies.Findings from a large-scale systematic review of cybersecurity training methods are discussed, highlighting the diversity of training approaches used across the literature.The episode examines results from a meta-analysis assessing the overall effectiveness of cybersecurity training and the gap between improvements in precursors such as knowledge and intentions versus observable behaviour.Julia explains why many cybersecurity training programmes lack explicit behavioural theory and rely on trial-and-error design choices.A key theme is the distinction between cybersecurity behaviours that require active engagement, such as phishing detection, and behaviours that may benefit from habit formation, such as screen locking or password management.The conversation draws on research into email habits and phishing susceptibility to illustrate how habitual behaviour can increase vulnerability in certain contexts.Julia discusses the use of psychological theory, including habit formation and implementation intentions, to design and evaluate cybersecurity training interventions.The episode concludes with reflections on the future of cybersecurity training research and the need for behaviour-specific, theory-informed models.About our Guest:Julia Prümmerhttps://www.universiteitleiden.nl/medewerkers/julia-prummer#tab-1https://www.linkedin.com/in/julia-prümmer-376778159/Papers or resources mentioned in this episode Prümmer, J., van Steen, T., & van den Berg, B. (2024). A systematic review of current cybersecurity training methods. Computers & Security, 136, 103585.https://doi.org/10.1016/j.cose.2023.103585Prümmer, J. (2024). The role of cognition in developing successful cybersecurity training programs: Passive vs. active engagement. In D. D. Schmorrow & C. M. Fidopiastis (Eds.), Augmented cognition. HCII 2024 (Lecture Notes in Computer Science, Vol. 14695, pp. 185–199). Springer.https://scholarlypublications.universiteitleiden.nl/handle/1887/4093101Prümmer, J., van Steen, T., & van den Berg, B. (2025). Assessing the effect of cybersecurity training on end-users: A meta-analysis. Computers & Security, 150, 104206.https://doi.org/10.1016/j.cose.2024.104206Vishwanath, A. (2015). Examining the distinct antecedents of e-mail habits and its influence on the outcomes of a phishing attack. Journal of Computer-Mediated Communication, 20(5), 570–584.https://doi.org/10.1111/jcc4.12126Other If this topic of training as an intervention to reduce susceptibility to cybercrime, you might also enjoy the recent Episodes 123, 116, 110, 106, 60, and 59 that are all on related topics. If you are brave you can even go right back to Episodes 6, 7 and 8, there is a lot to listen to.

otes:Melissa completed her PhD after two decades of operational work, bringing a pracademic perspective to cyber profiling and offender pathways.Her research focuses on understanding the human behind the keyboard through developmental history, motivation and lived experience.Initial motivations among hackers often centre on curiosity, challenge seeking and belonging rather than financial gain.Many participants reported early interest in technology, solitary online activity and experiences they described as destabilising events.Melissa distinguishes between lawful and criminal pathways using indicators such as modifying games, low self-control and a history of property offending.Her work highlights misunderstandings about intent, the role of gamification and the abstraction of harm when offending takes place online.She argues that cybercrime is a societal problem requiring early education, parental and teacher capability building and partnerships with tech and gaming companies.Diversion programs are essential to guide youth with technical interest toward prosocial cybersecurity roles rather than criminalisation.About our guest:Dr Melissa Martineauhttps://www.linkedin.com/in/melissa-martineau-369bb5258/https://www.captechu.edu/webinar-series-melissa-martineauPapers or resources mentioned in this episode:Martineau, M. (2023). The pathways of cyber dependent offenders. Journal of Cybercriminology, 3(3), 32.https://www.mdpi.com/2673-6756/3/3/32Martineau, M. (2024). Distinguishing lawful and criminal hacker trajectories. Journal of Cybercriminology, 4(4), 45.https://www.mdpi.com/2673-6756/4/4/45Other:Dr Martineau wanted to share something called PRISMA (Preferred Reporting Items for Systematic reviews and Meta-Analyses) which is a helpful guideline designed to improve the reporting of systematic reviews. You can find out more about it here. http://www.prisma-statement.org

Episode Notes:Dr Ho describes an empirical research agenda focused on how security actually operates in organisations. He explains his experience with getting this research off the ground to allow them to perform the research in this setting.Study setting and scope: eight-month randomised controlled trial at UC San Diego Health involving ~19,500 employees and ten distinct phishing campaign lures.Annual awareness training: the study found no significant relationship between how recently staff completed the mandated course and their likelihood of failing a simulated phishing campaign.Embedded training (when someone clicks a phishing simulation and is immediately redirected to training): the measurable improvement was very small (≈2% reduction in failure rate) and varied significantly by lure and engagement.Engagement challenge: The vast majority of embedded-training sessions were extremely short or incomplete, a key factor in explaining limited effect size.Variability of lure difficulty: Some phishing lures elicited very low click-rates (~1.8%) while others up to ~30.8%, indicating that the phishing stimulus matters as much as, or more than, the training intervention.Practical takeaway: Organizations should treat training (especially annually mandated modules) as only one part of a broader defence strategy, and design empirical measurement systems (including controls, realistic lures, and sustained engagement) before assuming large effect sizes.About our Guest:Dr Grant Ho Profile: https://cs.uchicago.edu/people/grant-ho/Papers or resources mentioned in this episode:Ho, G.; Mirian, A.; Luo, E.; Tong, K.; Lee, E.; Liu, L.; Longhurst, C.A.; Dameff, C.; Voelker, G.M. (2025). Understanding the Efficacy of Phishing Training in Practice: A Randomized Controlled Trial at a Large Health Organisation. Presented at the IEEE Symposium on Security & Privacy (May 2025). Full PDF: https://people.cs.uchicago.edu/~grantho/papers/oakland2025_phishing-training.pdfOther: I mentioned some figures about the spending on cybercsecurity education and training, You can find those here. Canadian Survey of Cyber Security and Cybercrime (CSCSC)https://www23.statcan.gc.ca/imdb/p2SV.pl?Function=getSurvey&SDDS=5244Get convenient Excel Tables of the Statistics from 2017 and 2019. https://www.serene-risc.ca/en/statistics-canadaOther Other:Dr Ho was great to chat with and has a long history of researching phishing, Some of his older work that is more technical in nature, as so we didn't talk about in the episode, but in the case that it might be interesting to you, here are some links: Ho, G., Sharma, A., Javed, M., Paxson, V., & Wagner, D. (2017). Detecting Credential Spearphishing Attacks in Enterprise Settings. In Proceedings of the 26th USENIX Security Symposium (USENIX Security ’17), Vancouver, BC, Canada, August 16-18, 2017. USENIX Association. ISBN 978-1-931971-40-9.PDF: https://www.usenix.org/system/files/conference/usenixsecurity17/sec17-ho.pdf USENIX+2USENIX+2Presentation page: https://www.usenix.org/conference/usenixsecurity17/technical-sessions/presentation/hoUSENIX+1Ho, G., Cidon, A., Gavish, L., Schweighauser, M., Paxson, V., Savage, S., Voelker, G. M., & Wagner, D. (2019). Detecting and Characterizing Lateral Phishing at Scale. In Proceedings of the 28th USENIX Security Symposium (USENIX Security ’19), Santa Clara, CA, USA, August 14-16, 2019. USENIX Association. ISBN 978-1-939133-06-9.PDF: https://www.usenix.org/system/files/sec19-ho.pdf USENIX+1Presentation page: https://www.usenix.org/conference/usenixsecurity19/presentation/ho USENIX

Trigger warning: This episode includes discussion of suicide in the context of researching measurable predictive indicators and the lack thereof in the context of cyber. Episode NotesDr Caputo's path from social psychology to applied security, including intelligence analysis and building a behavioural-science team at MITRE.What MITRE is: a not-for-profit operating six federally funded R&D centres that provide independent, public-interest research alongside government.Why early “indicator” hunting on endpoints often chased the last bad case; shifting to experiments and known-bad/created-bad data to learn patterns of behaviour change.The LinkedIn recruiter field experiment: ethically approved creation of recruiter personas, staged outreach in three messages, and follow-up interviews to understand reporting barriers.What user-activity monitoring can and cannot tell you; the role of human judgement and programme design.Insider-risk is not only “malicious users”: designing programmes for negligent, mistaken or outsmarted behaviours as well.Current lines of work include improving employee recognition and reporting of malicious elicitations and exploring whether insider-risk telemetry offers early signals of suicide risk.Why multidisciplinary teams beat solo efforts in insider-risk operations.About our guest:Dr. Deanna D. Caputo MITRE Insider Threat Research & Solutions profile: https://insiderthreat.mitre.org/dr-caputo/ LinkedIn: https://www.linkedin.com/in/dr-deanna-d-caputoPapers or resources mentioned in this episode:Caputo, D. D. (2024). Employee risk recognition and reporting of malicious elicitations: Longitudinal improvement with new skills-based training. Frontiers in Psychology. https://www.frontiersin.org/journals/psychology/articles/10.3389/fpsyg.2024.1410426/full MITRE Insider Threat Research & Solutions. (2025). Suicide risk and insider-risk telemetry overview. https://insiderthreat.mitre.org/suicide-risk/ MITRE. (2024). Managing insider threats is a team sport. https://www.mitre.org/news-insights/impact-story/managing-insider-threats-team-sport MITRE Insider Threat Research & Solutions. (2024). Capability overview two-pager (PDF). https://insiderthreat.mitre.org/wp-content/uploads/2024/06/MITREInTResearchSolutions-CapabilityTwoPager-24-0659_2024-02-01.pdf MITRE Insider Threat Research & Solutions. (2024). Insider Threat Behavioural Risk Framework two-pager (PDF). https://insiderthreat.mitre.org/wp-content/uploads/2024/06/MITREInTResearchSolutions-InTFramework_TwoPager-24-0674_2024-03-18.pdf

Show Notes:Daniëlle began her academic path in psychology, later moving into criminology through her interest in decision making and online behaviour.Her PhD research at NSCR focuses on cybercriminal decision making, using honeypots and experiments in real online environments.Early experiments tested how different rewards affected access attempts on fake accounts.A major focus has been on the impact of Operation Cookie Monster (2023), which disrupted the Genesis Market. Danielle’s work examined how this law enforcement operation influenced behaviour and moderation practices on hacker forums.She emphasizes the value of experiments in the field, which allow researchers to test criminological theories with live offender behaviour, while balancing strict ethical and legal safeguards.About our guest:Danielle StibbeNSCR Profile Page: https://nscr.nl/en/medewerker/danielle-stibbe-msc/Google Scholar: https://scholar.google.com/citations?user=1fsHJEgAAAAJ&hl=enLinkedIn: https://www.linkedin.com/in/danielle-stibbe/?originalSubdomain=nlPapers or resources mentioned in this episode:Onaolapo, J., Mariconti, E., & Stringhini, G. (2016). What happens after you are pwnd: Understanding the use of leaked webmail credentials in the wild. Proceedings of the 2016 Internet Measurement Conference. https://doi.org/10.1145/2987443.2987475Europol (2023). Operation Cookie Monster: Genesis Market taken down in coordinated international action.https://www.europol.europa.eu/media-press/newsroom/news/operation-cookie-monster-genesis-market-taken-down-in-coordinated-international-actionOxford Handbook of Criminal Decision Making (2016). Eds. Bruinsma & Weisburd. Oxford University Press.Other:The open science framework https://osf.io

Episode NotesAbout our guest:Dr. Francesco Carlo CampisiPhD in Criminology, Université de MontréalResearcher, International Centre for Comparative Criminology🔗 https://www.cicc-iccc.org/fr/personnes/etudiants-supervises/carlo-campisi🔗 https://www.linkedin.com/in/francesco-carlo-campisi-aa3576125/Topics discussed in this episode:From street gangs to digital deviance: a research trajectoryWhy “recruitment” doesn’t fit how modern movements growHow groups like QAnon and Anonymous influence participation onlineUsing social media metrics to measure engagementEmotional capital, visibility, and symbolic participationUpdating resource mobilization theory for digital contextsHashtag hijacking and online visibility strategiesStochastic terrorism and the challenge of lone-wolf violencePapers or resources mentioned in this episode:Campisi, F. (2024). Unveiling the digital underworld – Exploring cyberbanging and recruitment of Canadian street gang members on social media. Canadian Journal of Criminology and Criminal Justice, 66. https://doi.org/10.3138/cjccj-2023-0033Campisi, F., Fortin, F., & Néron, M.-E. (2022). Hacktivists from the inside: Collective identity, target selection and tactical use of media during the Quebec Maple Spring protests. Presented at the ICCC Symposium. Available on ResearchGateCampisi, F., & Beauregard, E. (2025). QAnon’s use of hashtag hijacking on X and its impact on online engagement. SSRN preprint. LinkMcCarthy, J. D., & Zald, M. N. (1977). Resource mobilization and social movements: A partial theory. American Journal of Sociology, 82(6), 1212–1241.Vigil, J. D. (1988). Barrio gangs: Street life and identity in Southern California. University of Texas Press. https://www.ojp.gov/ncjrs/virtual-library/abstracts/barrio-gangs-street-life-and-identity-southern-california-0Other:If you are curious about the video that was taken down, you should watch this video.https://www.youtube.com/watch?v=PIyrzMThHq8

About our guest:Dr. Iain ReidSenior Lecturer in CybercrimeUniversity of Portsmouthhttps://www.port.ac.uk/about-us/structure-and-governance/our-people/our-staff/iain-reid Topics discussed in this episode:How principles of military deception map onto cybersecurityWhy the phrase “the human is the weakest link” oversimplifies riskWhat it’s like to research developer perspectives on secure softwareThe psychology of decision-making in phishing attacksHow time pressure influences risky digital behaviourThe limits of “security culture” as an organizational solutionHow cyber deception fits within defence-in-depth Papers or resources mentioned:Reid, I., Okeke-Ramos, A., & Serafin, M. (2024). Exploring the ethics of cyber deception technologies for defensive cyber deception. In P. Bednar, J. Kävrestad, E. Bergström, M. Rajanen, H. V. Hult, A. M. Braccini, A. S. Islind, & F. Zaghloul (Eds.), Proceedings of the 10th International Conference on Socio-Technical Perspectives in Information Systems (STPIS 2024) (pp. 140-148). (CEUR Workshop Proceedings). https://ceur-ws.org/Vol-3857Whaley, B. (2007). Stratagem: deception and surprise in war. Artech.Rowe, N.C., Rrushi, J. (2016). Measuring Deception. In: Introduction to Cyberdeception. Springer, Cham. https://doi.org/10.1007/978-3-319-41187-3_11Ashenden, D., Ollis, G., & Reid, I. (2022, October). Dancing, not Wrestling: Moving from Compliance to Concordance for Secure Software Development. In Proceedings of the 37th IEEE/ACM International Conference on Automated Software Engineering (pp. 1-9).Paris Call for Trust and Security in Cyberspacehttps://pariscall.international OtherI would like to thank Dudley the French Bulldog for the invaluable (unavoidable) contribution to this episode.

In this episode:How Estelle became involved in ransomware research between degreesThe scale and origin of the ContiLeaks datasetUsing machine learning and topic modelling to analyse criminal group communicationsWhat the internal chat data revealed about the organizational structure of ContiSurprising insights about roles, specializations, and tasking within a criminal enterpriseWhy making cybercrime research accessible through data visualization mattersAbout our guest:Estelle Ruellanhttps://www.linkedin.com/in/estelle-ruellan/Papers or resources mentioned in this episode:Ruellan, E., Paquet-Clouston, M., & Garcia, S. (2024).Conti Inc.: understanding the internal discussions of a large ransomware-as-a-service operator with machine learning. Crime Science, 13, 16. https://doi.org/10.1186/s40163-024-00212-yFlare Data Explorer – Explore cybercrime datasets visually:https://flare.io/flare-data-explorer/Other:Wikipedia – Conti (ransomware): https://en.wikipedia.org/wiki/Conti_(ransomware)Wikipedia – Topic model: https://en.wikipedia.org/wiki/Topic_model

Notes:Paper mills are fraudulent commercial enterprises that fabricate scientific papers and sell authorship, citations, and other academic credentials—often at scale.Sarah Eaton and Sabina Alam first collaborated through COPE (Committee on Publication Ethics) and later worked together in United2Act, an international initiative focused on tackling paper mills.The conversation draws parallels between scientific paper mills and contract cheating in higher education, both of which undermine academic integrity for financial gain.Eaton and Alam discuss how metrics-based performance systems in universities and publishing environments create conditions ripe for abuse.Publishers and universities historically avoided transparency, but the scale of the problem has led to greater collaboration between stakeholders.The duo share insights into early warning signs of fraudulent submissions and describe the development of technological and administrative countermeasures.Particular attention is given to the harm paper mills cause: from corrupting citation networks to potentially endangering lives with fabricated data in medical journals.The “Andrew Vickers Curse” is discussed as a case study illustrating how citation manipulation by paper mills can entangle innocent researchers.The episode closes with a call for broader participation in the second phase of United2Act, particularly from research funders, IT specialists, and institutional stakeholders.About our guests:Dr. Sarah Elaine Eatonhttps://profiles.ucalgary.ca/sarah-eatonhttps://drsaraheaton.com/about/Dr. Sabina Alamhttps://www.taylorandfrancis.com/about/ethics-integrity/https://www.csescienceeditor.org/article/dr-sabina-alam-shaping-critical-thinking-about-science/ Papers or resources mentioned in this episode:United2Act initiative: https://united2act.orgMagazinov, Alexander. (2023). The Andrew Vickers Curse: secret revealed!, For Better Sciencehttps://forbetterscience.com/2023/07/31/the-vickers-curse-secret-revealed/ Other:Glossary of terms and acronyms:COPE – Committee on Publication Ethics: An international body that provides advice to editors and publishers on all aspects of publication ethics.STM – International Association of Scientific, Technical and Medical Publishers: A global trade association supporting academic publishing and information dissemination.Q1/Q2 Journal – Journals ranked in the top (Q1) or second (Q2) quartile based on impact metrics such as citation counts or journal reputation.Term paper mill – A business that sells pre-written or custom academic papers, often used in contract cheating by students.Contract cheating – A form of academic dishonesty where students outsource assessments to third parties.Retraction – The removal of a published article from the scientific record, typically due to error or misconduct.Desk reject – When a manuscript is rejected by a journal editor before it is sent out for peer review.Citation ring – A group of papers or authors who cite each other extensively to artificially inflate citation metrics.Paper Mills - Organisations or individuals that aim to profit from the creation, sale, peer review and/or citation of manuscripts at scale which contain low value or fraudulent content and/or authorship, with the aim of publication in scholarly journals.A big thank you to the United2Act people for coming out of their comfort zone and chatting to me about this. This bravery is how science as an interdisciplinary pursuit driven by curiosity and collaboration happens.

Episode Notes:Dr. Reeves’ Background – Trained as a psychologist, his interest in cybersecurity emerged from a talk connecting human error to security breaches.Cybersecurity Fatigue Defined – A form of disengagement where employees lose motivation to follow security practices due to overload and conflicting advice.Not Just Apathy – Fatigue often affects people who initially cared about cybersecurity but were worn down by excessive or ineffective interventions.Training Shortcomings – Lecture-style, one-way training is frequently perceived as boring, irrelevant, or contradictory to users' experiences.Compliance vs. Effectiveness – Many organizations implement security training to meet legal requirements, even if it fails to change behavior.Reactance in Security – Users may intentionally ignore advice or rules to assert control, especially when training feels micromanaging or patronizing.Better Through Design – Reeves argues that secure systems should reduce the need for user decisions by simplifying or removing risky options altogether.Remove Rather Than Train – Limiting administrative rights is often more effective than trying to educate users out of risky behaviors.Mismatch With Reality – Generic training that conflicts with real policies or system restrictions can confuse or alienate users.Cognitive Load and Decision-Making – Under stress or fatigue, users rely on mental shortcuts (heuristics), which attackers exploit.Personal Example of Being Fooled – Reeves recounts nearly falling for a scam due to time pressure, illustrating how stress weakens judgment.Cybersecurity Buddy System – Recommends encouraging users to consult peers when making sensitive decisions, especially under pressure.Cyber Deception Strategies – Reeves now researches ways to mislead and trap attackers inside systems using decoys and tripwires.Applying Psychology to Attackers – The same behavioral models used to study users can help predict and manipulate attacker behavior.Empowering Defenders – Deception technologies can help security teams regain a sense of agency, shifting from reactive defense to proactive engagemenAbout our guest:Dr. Andrew Reeveshttps://www.linkedin.com/in/andrewreevescyber/https://research.unsw.edu.au/people/dr-andrew-reeveshttps://www.unsw.edu.au/research/ifcyberPapers or resources mentioned in this episode:Reeves, A., Delfabbro, P., & Calic, D. (2021). Encouraging employee engagement with cybersecurity: How to tackle cyber fatigue. SAGE Open, 11(1).https://doi.org/10.1177/21582440211000049Reeves, A., Calic, D., & Delfabbro, P. (2023). Generic and unusable: Understanding employee perceptions of cybersecurity training and measuring advice fatigue. Computers & Security, 128, 103137.https://doi.org/10.1016/j.cose.2023.103137Reeves, A., & Ashenden, D. (2023). Understanding decision making in security operations centres: Building the case for cyber deception technology. Frontiers in Psychology, 14, 1165705.https://doi.org/10.3389/fpsyg.2023.1165705Other:UNSW Institute for Cyber Security (IFCYBER)https://www.unsw.edu.au/research/ifcyber

Episode NotesSMEs struggle with cybersecurity due to time, cost, and lack of expertise, despite recognizing its importance.An automated cybersecurity scan was developed to assess SME websites and email security without requiring them to opt-in.Physical reports were mailed instead of emailed to avoid phishing concerns and increase credibility.Reports included security ratings on ten key areas and recommendations for improvement.Businesses were encouraged to consult their existing IT providers for fixes rather than relying on external services.Different risk communication strategies were tested to encourage SMEs to act on the findings.“Anticipated Regret” messaging (“Fix it now or regret it later”) led to the highest cybersecurity improvements.All groups, including the control group, showed some improvement, suggesting broader awareness of cybersecurity issues.Engagement was low, with only a small number of businesses reaching out after receiving the report.Legal concerns about scanning businesses without consent were addressed—publicly available cybersecurity data can be legally assessed.Ethical approval confirmed the project was non-commercial and aimed solely at helping businesses improve security.A follow-up version of the project will introduce an opt-out option before scanning businesses.Industry associations may partner with the project to increase credibility and adoption.The intervention will be scaled up, with more businesses included and a longer time frame for assessing impact.Future plans include adapting the intervention internationally, using lessons learned to assist SMEs in other regions. About Our GuestDr. Susanne van ’t Hoff-de Goedehttps://www.linkedin.com/in/susanne-van-t-hoff-de-goede/https://www.thuas.com/research/centre-expertise/team-cyber-security Resources and Research MentionedExamining Ransomware Payment Decision-making Among SMEsMatthijsse, S. R., Moneva, A., van ’t Hoff-de Goede, M. S., & Leukfeldt, E. R.European Journal of Criminology.Explaining Cybercrime Victimization Using a Longitudinal Population-based Survey Experimentvan ’t Hoff-de Goede, M. S., van de Weijer, S., & Leukfeldt, R.Journal of Crime and Justice, 47(4), 472-491 (2024).How Safely Do We Behave Online? An Explanatory Study into the Cybersecurity Behaviors of Dutch Citizensvan der Kleij, R., van ’t Hoff-de Goede, S., van de Weijer, S., & Leukfeldt, R.In: International Conference on Applied Human Factors and Ergonomics (2021), pp. 238-246.The Online Behaviour and Victimization Studyvan ’t Hoff-de Goede, M. S., Leukfeldt, E. R., van der Kleij, R., …In:Cybercrime in Context: The human factor in victimization, offending, and … (2021). OtherDutch Government Cybersecurity Resourcehttps://english.ncsc.nl(English-language site for the Netherlands’ National Cyber Security Centre)Secure Internetting (in Dutch)https://veiliginternetten.nl/

Episode Summary (Dot Points)Understanding Cybercrime through Strain and Anomie TheoriesDr. Dearden explains how strain theory and anomie theory provide insights into cybercriminal motivations.Discussion on economic and social pressures that push individuals toward cybercrime, including unemployment, inequality, and lack of upward mobility.The Role of Honeypots in Cybercrime ResearchOverview of honeypots—deceptive systems designed to attract cyber attackers.How honeypots help researchers observe and analyze hacker behaviors in real-world settings.Differences in hacking techniques and motivations across different regions.Regional Variations in Cybercriminal ActivitiesWhy cybercrime is not uniformly distributed worldwide despite the internet being a global network.Case studies on West African romance scams, Russian cyber operations, and Indian call center frauds.The interplay between legitimate and illegitimate economies in cybercrime hotspots.Cybercrime and Economic OpportunityFindings from recent research on how financial strain vs. greed influences cybercrime.The role of cryptocurrency in enabling financial cybercrimes and providing anonymity to offenders.Discussion on how cybercrime prevention strategies need to address offender motivations, not just security vulnerabilities.Future Research and Policy ImplicationsThe need for broader, structural changes to mitigate cybercrime, rather than relying solely on reactive security measures.How cross-national studies and criminological data collection can improve cybercrime prevention strategies.Upcoming projects on measuring cyber-offending patterns and regional differences in hacking behavior.About Our GuestDr. Thomas Deardenhttps://liberalarts.vt.edu/departments-and-schools/department-of-sociology/faculty/thomas-dearden.htmlPapers and Resources Mentioned in This EpisodeDearden, T. E., & Gottschalk, P. (2024).Convenience Theory and Cybercrime Opportunity: An Analysis of Online Cyberoffending.Deviant Behavior.DOI LinkParti, K., & Dearden, T. (2024).Cybercrime and Strain Theory: An Examination of Online Crime and Gender.International Journal of Criminology and Sociology. https://doi.org/10.6000/1929-4409.2024.13.19Dearden, T. E., Parti, K., & Hawdon, J. (2022).Institutional Anomie Theory and Cybercrime: Cybercrime and the American Dream.Journal of Contemporary Criminal Justice. https://doi.org/10.1177/10439862211001590 Related Episodes Featuring Dr. DeardenEpisode 39 : Strained Dreams: Cybercrime and Institutional Anomiehttps://www.cybercrimeology.com/episodes/strained-dreams-cybercrime-and-institutional-anomie Other:The Human Factors in cybercrime Conference: https://www.hfc-conference.comWe had a chat in a room with a bunch of people just outside having their own great conversations. Kind of nice to get a little bit of that vibe into the mix. Conferences can be a lot of fun ;)/.To the best of my knowledge, no bovines were harmed during the recording of this episode.

Key Points Discussed:Defining Ethical Hacking: Ethical hackers use their skills to identify and report vulnerabilities, often to enhance cybersecurity in various capacities, including voluntary work, bug bounty programs, or professional roles.Research Focus: Dr. Weulen Kranenbarg’s studies highlight a significant overlap between positive and negative cyber behaviors, particularly among IT students, and explore how individuals transition toward ethical hacking.Ethical Hacking as a Pathway:Early positive experiences, such as reporting vulnerabilities to schools or organizations, can strongly influence individuals toward ethical hacking.Responses from organizations play a critical role—positive reinforcement encourages further ethical behavior, while negative experiences can deter individuals.Challenges in Defining Ethics:Ethical hackers themselves debate the boundaries of what constitutes ethical behavior, such as whether making vulnerabilities public is acceptable if organizations fail to act.The term "ethical hacker" is often contentious within the community.Role of Education: Schools struggle to address and guide ethical behavior among IT students effectively. Clear vulnerability disclosure policies and ethics education in IT programs are crucial.Future Research Directions: Dr. Weulen Kranenbarg plans to conduct life-history interviews with hackers to better understand their pathways and influences toward ethical behavior.About our Guest:Dr Marleen Weulen Kranenbarghttps://research.vu.nl/en/persons/marleen-weulen-kranenbarg Papers or Resources Mentioned:Weulen Kranenbarg, M. (2018). Cyber-offenders versus traditional offenders: An empirical comparison. Vrije Universiteit Amsterdam. Retrieved from https://research.vu.nl/en/publications/cyber-offenders-versus-traditional-offenders-an-empirical-comparisonWeulen Kranenbarg, M., Ruiter, S., & Nieuwbeerta, P. (2018). Cyber-offending and traditional offending over the life-course: An empirical comparison. Crime & Delinquency, 64(10), 1270–1292. https://doi.org/10.1177/0011128718763134Weulen Kranenbarg, M., Holt, T. J., & van Gelder, J.-L. (2021). Contrasting cyber-dependent and traditional offenders: A comparison on criminological explanations and potential prevention methods. In J. van Gelder, H. Elffers, D. Reynald, & D. Nagin (Eds.), Routledge International Handbook of Criminology and Criminal Justice Studies (pp. 234–249). Routledge. Retrieved from https://research.vu.nl/en/publications/contrasting-cyber-dependent-and-traditional-offenders-a-comparisoWeulen Kranenbarg, M., & Noordegraaf, J. (2023). Why do young people start and continue with ethical hacking? A qualitative study on individual and social aspects in the lives of ethical hackers. Criminology & Public Policy, 22(3), 465–490. https://doi.org/10.1111/1745-9133.12640Additional Resources:Capture the Flag (CTF) events:Hack the Box - A popular online platform offering a variety of CTF challenges to test and improve cybersecurity skills.https://www.hackthebox.comNorthSec - A popular in-person CTF competition designed for everyone excited about cybersecurity.https://nsec.ioBug Bounty Programs:HackerOne - A leading bug bounty platform connecting ethical hackers with organizations to find and fix vulnerabilities.https://www.hackerone.comBugcrowd - A platform that hosts bug bounty programs for a wide range of companies and industries.https://www.bugcrowd.com

About Our Guest:Dr. Tom Holthttps://cj.msu.edu/directory/holt-tom.htmlKey Topics Discussed:Dr. Tom Holt emphasized the urgent need for consistent and evidence-based cybercrime training in law enforcement, pointing out disparities in how local agencies handle these crimes.He highlighted the challenges agencies face in responding to cyber-enabled and cyber-dependent crimes, particularly in rural areas.Dr. Holt discussed the development of training modules covering both basic digital evidence handling and specialized topics tailored to agency needs.The conversation underscored the importance of bridging resource gaps between rural and urban agencies.Dr. Holt explained how police leadership’s support is crucial for improving the adoption and effectiveness of training programs.The prevalence of interpersonal cybercrimes like sextortion and fraud, often encountered by local officers, was addressed.Dr. Holt elaborated on long-term evaluation plans for these training programs, aiming to measure their impact on officers and agencies.He also discussed the potential for a national standard curriculum to bring consistency to cybercrime training across the U.S.Papers and Resources Mentioned:Articles on the Training Center Initiative:Cybercrime Training at MSU –https://cj.msu.edu/community/cyber-center/cyber-center-home.htmlProgram announcement - https://msutoday.msu.edu/news/2024/msu-receives-$1M-to-create-center-for-cyber-security-trainingOther:This episode was recorded on location in at HEC Montreal. The occasional background noise from students only adds to the vibrant atmosphere of the discussion. So you can’t complain about the noise being distracting, consider it an authentic experience!

Episode NotesEpisode SummaryIntroduction to Open Science – Asier Moneva introduces open science, emphasizing transparency and replicability as essential to modern research.Importance of Transparency – He explains how transparency builds trust, enabling other researchers to assess rigor and replicate findings accurately.Preregistration and Registered Reports – Asier discusses these practices, which require researchers to specify methodologies and hypotheses before data collection to reduce bias.Challenges in Adoption – He notes that implementing open science practices can be challenging due to academic pressures and resource limitations.The “Publish or Perish” Culture – We highlight how the pressure to publish quickly can conflict with the time-intensive requirements of open science.Academic Incentives and Misaligned Goals – We critique the academic reward system that often favors quantity over quality, which can detract from scientific rigor.Advantages for Public Accessibility – Open science also enhances public accessibility, making research available beyond academia and helping inform public policy.Ethical Considerations in Research – Asier emphasizes that open science fosters ethical research practices by reducing questionable practices like p-hacking and selective reporting.Benefits of Open Science for Collaboration – The approach encourages collaboration across disciplines and institutions, providing a more comprehensive understanding of complex issues.Real-World Example of Retraction – He mentions a case where a research paper was retracted due to lack of transparency, illustrating the importance of open science practices.Role of Preprints in Open Science – Asier advocates for preprints as a way to share research and receive feedback before formal publication.Challenges with Platform Fragmentation – He observes that the proliferation of research-sharing platforms can hinder accessibility if findings are scattered across multiple sources.Future of Registered Reports – Asier sees registered reports as a future standard, as they align research design with ethical and rigorous science.Open Science as a Solution to Publication Bias – Open science practices help address publication bias by promoting the dissemination of all research findings, regardless of outcomes.Closing Thoughts on Transparency – Open science is about ensuring reproducibility and holding science accountable, aiming to make research as transparent and accessible as possible.About Our Guest:Asier Monevahttps://asiermoneva.comhttps://nscr.nl/en/medewerker/asier-moneva/https://www.thuas.com/research/research-groups/team-cybercrime-cybersecurityhttps://github.com/amonevahttps://osf.io/7ce24/Resources and References Mentioned in This Episode:The Open Science Framework (OSF)The OSF is an open-source platform supporting transparent and reproducible research across disciplines.The Open Science Framework:https://osf.io/Paper Introducing Registered ReportsThis foundational paper outlines the concept of registered reports, a publishing model aimed at reducing bias and enhancing research rigor.Paper introducing "registered reports":https://psycnet.apa.org/fulltext/2014-20922-001.htmlRetraction Case StudyA recent retraction of a notable article on the replicability of social-behavioral research findings offers insights into challenges within open science practices.RETRACTED ARTICLE: High replicability of newly discovered social-behavioural findings is achievable:https://www.nature.com/articles/s41562-023-01749-9Retraction Note: High replicability of newly discovered social-behavioural findings is achievable:https://www.nature.com/articles/s41562-024-01997-3Podcast episode discussing the retraction in depth:https://open.spotify.com/episode/3rygrbUNocfCEEGd1Byn0V?si=vJDuzQT3S7yJqDEUMycF1w&t=178Other:This episode was recorded in a hotel lobby corner with music playing in the background. If the audio sounds a little unusual at times it is because of the noise removal being used to remove that noise being combined with other ‘sound enhancement’ features. I had to go back in and play around with the audio directly before I was even a little happy. The tools work well but they are a little unpredictable. I am increasingly wary of ‘it just works’ audio editing tools. I would have left it in, but the bots chasing copyright infringement are ravenous and indiscriminate.