Are you unwittingly volunteering your personal info to online hackers?

NORWICH, United Kingdom — The world’s most valuable resource is no longer oil, but data. As we turn to a more technology-dependent society, it has become easier for hackers to access people’s personal information. It’s not just malware and phishing scams stealing info, however, as new research suggests people are unknowingly volunteering their personal data to criminals.

Researchers from the University of East Anglia find that people are more willing to reveal their personal information when they repeatedly encounter the same questions over and over again. The repetition of the question makes people over-disclose, putting them at risk for identity theft and cybercrime.

Where does this all happen?

You might think this only happens to people who go on the dark web or visits a shady website, but these cyber-attacks can happen in plain sight. Our personal data is being mined all the time when people are subscribing to online newspapers, turning off an adblocker, or completing customer surveys.

“You may have received an email asking for a small increase in your monthly charity donation, or if you log in to social media, it may ask you for a little more profile data like adding your school or workplace,” says Piers Fleming, a professor of psychology at UEA, in a university release. “This can lead to minor inconveniences such as junk emails or more disruptive potential consequences such as identity theft.”

Online privacy, cyber security
(© Urupong –

These tactics wear people down so they overshare

The team recruited 27 people and asked them to answer a series of questions online, ranging from their height and weight to their phone number. The questions also included opinions on topics like immigration, abortion, and politics. Next, the people arranged the online questions from least to most intrusive. Researchers also asked the group how much of their personal information they would “sell” and allow on a public website for two weeks.

The study then asked participants again how much information they would sell to appear for another two weeks in exchange for even more money. Making repetitive requests is a strategy advertising and marketing companies use. The goal is to wear someone down, so they give in to what the company is selling or asking the person to do.

In a second study, 132 participants underwent the same process, but they were asked to sell their information at two different points in time. The participants also answered several personality questions.

“Our first study showed that asking for real personal data led to increased information disclosure when asked again. Our second study replicated this effect and found no change in people’s associated concerns about their privacy—people change their behavior but not their view,” explains Fleming. “This demonstrates that simple repetition can make people over-disclose, compared to their existing, and unchanged concern.”

The tactic follows a psychological concept called a “foot-in-the-door” effect. The tactic gets a person to agree to a large request by getting them to agree to a modest request first. Understanding why people are so willing to share personal data and the tactics behind it can help researchers figure out strategies on when people should share when it’s mutually beneficial and avoid oversharing when it is potentially dangerous.

The study is published in the Journal of Cybersecurity.

You might also be interested in:

YouTube video

Follow on Google News

About the Author

Jocelyn Solis-Moreira

Jocelyn is a New York-based science journalist whose work has appeared in Discover Magazine, Health, and Live Science, among other publications. She holds a Master’s of Science in Psychology with a concentration in behavioral neuroscience and a Bachelor’s of Science in integrative neuroscience from Binghamton University. Jocelyn has reported on several medical and science topics ranging from coronavirus news to the latest findings in women’s health.

The contents of this website do not constitute advice and are provided for informational purposes only. See our full disclaimer