Phishers target community-minded Pasifika with AI ‘help scams’

Analysis: A new study shows Pasifika communities are increasingly the focus of email scammers using artificial intelligence to target them in their own language and exploiting their collective mindset.


Pasifika communities across the Pacific and Aotearoa are increasingly the focus of email scammers using artificial intelligence to target them in their own language.

Their cultural values are also being exploited, with their commitment to a collectivist mindset appearing to make them more vulnerable to what we call ‘help scams’.

Our research reveals the scale of the threat and common phishing modes of attack. We partnered with the IT department of the national government of a Melanesian country to conduct our phishing simulation study with the government’s employees.

We created English and national language variants of four simulated phishing emails; eight emails total. Each month for four months, 2000 participants received a simulated phishing email written in either English or the local language of their country. All participants were fluent in both languages.

One email was, from a scammer’s point of view, particularly successful: a request in the local language for a review of a church agenda before Sunday meeting, inviting people to click on a link. (Clicking on links enables scammers to install computer malware, harvest data, steal and defraud.)

Nearly a third of recipients clicked on the link.


To our knowledge, this is the first simulated phishing campaign study to focus on Pasifika people, demonstrating a ‘foreign language effect’ – how a person can think and behave differently in their first language compared to their second (or third) language.

Research in cognitive psychology suggests that emotional responses tend to be stronger in a person’s first language, but more analytical and detached when thinking in their second language. Our research did suggest a ‘foreign language effect’.

In the Melanesian nation we worked with (we have not identified this nation to protect privacy) a local concept broadly described as ‘one talk’ is based around a social obligation to help those within the same language or cultural group.

The concept is central to how these communities live their lives.

We surmised that a message written in the national language may implicitly signal that the sender is part of that group, making the request seem more legitimate.

Feedback from participants supported our hypothesis. Some said they clicked because the email was written in their local language so they assumed it was genuine. Others said they thought the government system would filter out any dangerous messages. Many simply wanted to help. “I clicked on this link because the email is in correct [national language] and I assume was sent by a relative or friend of mine,” said one participant.

We sent four emails in both English and the national language of the participant, described below:

* AiiExpress: A fake shipping notification from ‘info@aiiexpress.store’ stating, “Your AiiExpress order is on its way. Please click here if this is not your order.”

* Jet Pacific: A promotional email from a fictional airline offering low-cost fares: “Crazy relaunch prices! Book a return trip today from just $89.”

* Budget: A request from ‘Sione’ to review a document: “Hi, could you please check the updated budget? The document is here: Budget.docx.”

* Church: A message requesting assistance: “Please review this church agenda before Sunday’s meeting: agenda.docx.”

All the emails contained a simulated phishing link that redirected those who clicked on it to a training survey, which explained the purpose of the exercise and asked for feedback.

Notably, the personal requests for help gained considerably more traction than the emails that appeared to be from companies.

We know that scammers will find ways to get inside people’s heads to identify and exploit their weaker spots, but our research highlights the importance of tailoring cybersecurity awareness campaigns to local contexts.

When companies offer staff training on how to avoid email scams, they need to be aware of how scammers might exploit local languages and cultural norms.

We also need to develop better email systems and spam filters. Spam filters are less effective for many Pacific languages because the data sets used by filter developers are limited in size, leaving these communities more vulnerable. Developers of mail filters for Pasifika languages should consider placing a particular emphasis on identifying ‘help scams’ and companies’ systems should flag or intervene on messages containing help scam keywords.
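One way a mail gateway could act on this recommendation, as an added example that is not code from the study: it flags a message only when a personal request for help is paired with a link or document to open. The phrase list, the `gov.example` domain, the hold/banner actions and every sender address except `info@aiiexpress.store` are assumptions.

```python
import re
from dataclasses import dataclass

# Assumed English request-for-help phrases; a deployment would add the
# equivalent wording for each local language its users read.
HELP_PHRASES = [
    r"\bcould you please\b",
    r"\bplease (check|review|help)\b",
    r"\bcan you (check|review|help)\b",
]
# A help request is only interesting here when it points at something to open.
LURE = re.compile(r"https?://\S+|\b[\w-]+\.(?:docx?|xlsx?|pdf)\b", re.I)


@dataclass
class Message:
    sender: str
    body: str


def classify(msg: Message, org_domain: str = "gov.example") -> str:
    """Return 'hold', 'banner' or 'pass' for one message."""
    text = msg.body.lower()
    asks_help = any(re.search(p, text) for p in HELP_PHRASES)
    has_lure = bool(LURE.search(msg.body))
    external = not msg.sender.lower().endswith("@" + org_domain)
    if asks_help and has_lure:
        # Personal request plus something to open: quarantine when it comes
        # from outside, otherwise deliver with a warning banner.
        return "hold" if external else "banner"
    return "pass"


# Bodies are the English variants quoted in the article; sender addresses
# other than info@aiiexpress.store are constructed for this example.
SAMPLES = {
    "AiiExpress": Message("info@aiiexpress.store", "Your AiiExpress order is on its way. Please click here if this is not your order."),
    "Jet Pacific": Message("deals@jetpacific.example", "Crazy relaunch prices! Book a return trip today from just $89."),
    "Budget": Message("sione@mail.example", "Hi, could you please check the updated budget? The document is here: Budget.docx."),
    "Church": Message("agenda@mail.example", "Please review this church agenda before Sunday’s meeting: agenda.docx."),
}

if __name__ == "__main__":
    for name, msg in SAMPLES.items():
        print(f"{name:12} {classify(msg)}")
```

The two company-style lures pass this check by design; it supplements an ordinary spam filter rather than replacing it.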

While the study focused on a specific government setting in a Pacific Island nation, the implications could extend more broadly to other multilingual or collectivist environments.

As far as we know, this is the first study of Pasifika phishing susceptibility. It was part of a broader collaboration between researchers at Waipapa Taumata Rau, University of Auckland, and the government of the participating country. The study followed a 2023 symposium on phishing threats in the Pacific, and we will be presenting the results at the USENIX Symposium on Usable Privacy and Security in Seattle in August 2025.

By Professor Giovanni Russello, head of School of Computer Science, Faculty of Science and Eric Spero, research fellow, Faculty of Science.

This article reflects the opinion of the author and not necessarily the views of Waipapa Taumata Rau University of Auckland.

This article was first published on Newsroom, Phishers target community-minded Pasifika with AI ‘help scams’, 1 August, 2025.
