How mindfulness and critical thinking can protect us online

A woman wearing a VR headset. mindfulness

In immersive metaverse environments human susceptibility mindfulness will be even more important to resist manipulation. Image: Brian Penny/Pixabay

Anna Maria Collard
Senior Vice-President, Content Strategy, KnowBe4, Inc.
Our Impact
What's the World Economic Forum doing to accelerate action on Cybersecurity?
The Big Picture
Explore and monitor how Virtual and Augmented Reality is affecting economies, industries and global issues
A hand holding a looking glass by a lake
Crowdsource Innovation
Get involved with our crowdsourced digital platform to deliver impact at scale
Stay up to date:

Tech and Innovation

Listen to the article

  • Social engineering, where the attacker uses deception and impersonation to manipulate a subject, is one of the top routes for attack in an online environment and will remain a major risk in future internet and metaverse environments.
  • Distractions, multitasking and emotional responses are root causes of human error and make people more susceptible to social engineering, manipulation and other digital attacks.
  • Mindfulness and critical thinking are crucial skills to remain productive and safe in an increasingly immersive world where focus, presence and stillness are becoming more difficult to find.

Imagine walking through a virtual reality (VR) space where you hear other avatars talking about the benefits of a new soft drink. To you, these avatars appear to be other players; however, advertisers have purposefully placed them there as virtual spokespeople. Unlike traditional product placements, these adverts are custom-made for you, based on your profile and react in real time to your behaviour.

Imagine these conversations placed in your kids’ VR. Conversations not only about soft drinks but also about political opinions, conspiracy theories, or other malicious content.

In his 2023 paper The Manipulation Problem, Louis Rosenberg warns about the persuasive tactics of AI chatbots with the ability to respond to sensory data they read from users’ headsets in real-time, resulting in opportunities for powerful malicious influence and manipulation.

Bad actors target humans because it is easier than trying to break through sophisticated security technology. Deception and manipulation are not new concepts and are a common form of social engineering. Also referred to as the science of hacking humans, it is still one of the most popular initial attack routes. In 2022, 74% of all data breaches involved a human element.

To defend against these psychological attacks, we should foster critical thinking and develop skills in situational and self-awareness. These skills will become extremely important in metaverse environments where, owing to their immersive nature, the susceptibility to manipulation might be even greater than it is today.

A few factors make humans vulnerable to social engineering
A few factors make humans vulnerable to social engineering Image: KnowBe4 Africa

A few factors make humans vulnerable to social engineering and could potentially be exacerbated by immersive environments:

1. The myth of multitasking

Multitasking is a myth and is actually bad for us. It results in human error and reduces our long-term memory. It also prevents us from being focused or creative and distracts us from the task at hand. Unfortunately, being distracted means we are more likely to act in ways we shouldn’t. Email security firm Tessian’s 2020 study found that distractions were behind 47% of people falling for phishing emails. Developments in spatial computing, with its ubiquity of apps in augmented reality, mean that life will become even more distracted in the future.

2. We auto-react to our emotions

The amygdala is the part of the brain that regulates emotions and activates our automatic fight or flight response. Ancient threats needed this immediate response. Unfortunately, we react to modern threats with the same ancient, automatic response that circumvents our executive functioning. Here is the thing: social engineers deliberately trigger our amygdala to suppress our critical thinking and trick us into taking potentially dangerous actions. This also explains why fake news – often laden with emotional content, is 70% more likely to be retweeted than the truth.

Children and adolescents are even more susceptible to these emotion-triggering types of messages. The formative process of connecting the limbic system to the prefrontal cortex continues from the teen years to the mid‐20s. These developmental changes have been linked to heightened emotional sensitivity and risky online behaviour in youth.

3. We think fast

In the 2011 book, Thinking, Fast and Slow, author Daniel Kahneman describes how cognitive biases are automatic processes designed to make our decision-making quicker and more efficient. Research suggests that 80% of our day is spent in a fast-thinking, heuristic and bias-driven thinking mode. Fast decisions are not always the right ones and another reason why we are vulnerable to manipulation. This explains why many attacks include a sense of urgency in their tactics.

How can mindfulness help?

Mindfulness simply means adding a pause between the trigger and our reaction, and trying not to identify too much with our thoughts or emotions. Researchers Brown and Ryan argue that mindfulness promotes self-regulation by interrupting the so-called autopilot of our automatic thoughts and behaviour patterns.

Plenty of research states that mindfulness results in fewer commission errors, improves attention to tasks and can help combat distraction, stress and multitasking symptoms.

Mindfulness also helps to slow down, focus on one thing at a time, and observe internal and external distractions before reacting to them. By refusing to multitask, we slow down and, ironically, get more done.

Have you read?

The Amygdala: our built-in alarm system

If we manage to view our amygdala as a warning system instead of just reacting to it, it becomes a powerful tool. When something makes us feel tense or stressed, being in a mindful state allows us to observe how we feel before reacting. Paying attention to heart rate, tightness, heat, or discomfort might be a sign that the body’s flight-or-fight response is triggered. Our body knows and gives us signs that something is up before we are even conscious of it.

Becoming aware of our senses and labelling what we feel, without giving in to the impulse to act, allows critical thinking and executive function to take control. This in turn allows us to act in a calmer and more intentional state.


Many people are fatigued by security awareness and feel overwhelmed about how to defend themselves. However, teaching them how to become more mindful empowers them to use their own senses as warning signals in digital environments.

These skills are not just about psychological well-being but should be part of online and metaverse safety training. The more our physical reality merges with the digital, the more we need to unlearn bad practices that leave us vulnerable, such as multitasking, and hone critical thinking and focus skills that help us navigate these new spaces mindfully and safely.

VR biofeedback games (where the game responds to information from the player's body) are already used to help youth cope with anxiety by identifying physiological markers and patterns of emotion regulation. These immersive games can be useful tools in mindfulness training and helping kids (and adults) to practise self-regulation and healthier responses to media-generated emotions.

The goal is to transition from automatic reactions to more rational responses. This is a shift that offers empowerment in both the digital and virtual realms while also fostering personal resilience in the offline world.

To explore this subject further and gain deeper insights, the World Economic Forum has recently published a paper on privacy and safety, which delves into various aspects related to this topic and more.

Don't miss any update on this topic

Create a free account and access your personalized content collection with our latest publications and analyses.

Sign up for free

License and Republishing

World Economic Forum articles may be republished in accordance with the Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International Public License, and in accordance with our Terms of Use.

The views expressed in this article are those of the author alone and not the World Economic Forum.

World Economic Forum logo
Global Agenda

The Agenda Weekly

A weekly update of the most important issues driving the global agenda

Subscribe today

You can unsubscribe at any time using the link in our emails. For more details, review our privacy policy.

Tinder Swindler: How 'romance fraud' became a multi-billion dollar cybercrime

Robin Pomeroy and Sophia Akram

May 24, 2024

About Us



Partners & Members

  • Join Us

Language Editions

Privacy Policy & Terms of Service

© 2024 World Economic Forum