Confessions of a Social Engineer

Working at the dangerous intersection of technology and security, social engineers help organizations stay safe(r) by exposing their vulnerabilities. Often, this relies less on advanced coding skills than it does on old-fashioned behavioral psychology and the reflexes of a trickster. In this humorous account, an infosec con artist spills her secrets.


“How I Socially Engineer Myself Into High-Security Facilities”
By Sophie Daniel
Vice
October 20, 2017

Hello! My name is Sophie and I break into buildings. I get paid to think like a criminal.

Organizations hire me to evaluate their security, which I do by seeing if I can bypass it. During tests I get to do some lockpicking, climb over walls or hop barbed wire fences. I get to go dumpster diving and play with all sorts of cool gadgets that Q would be proud of.

But usually, I use what is called social engineering to convince the employees to let me in. Sometimes I use email or phone calls to pretend to be someone I am not. Most often I get to approach people in-person and give them the confidence to let me in.

My frequently asked questions include:
What break-in are you most proud of?
What have you done for a test that you were the most ashamed of?

What follows is the answer to both of these questions.


The Art of Human Hacking

Patrick Howell O’Neill reports from Def Con 2014 in Las Vegas, where he witnesses an odd sort of game: Social Engineering Capture the Flag.


Inside the Super Bowl of Lying
by Patrick Howell O’Neill
The Daily Dot
September 2, 2014

Nobody can find a seat, the room is so packed. The boisterous audience, undeterred, crowds against the walls and lies down on the floor at every edge of the room to catch the action. A line of people stretches out the front door.

Image: Social engineering capture the flag (via social-engineer.org)

This is the 2014 Def Con hacker conference at the Rio Casino in Las Vegas. The people are in one of the tiniest rooms in the casino to see the Super Bowl of lying.

The Social Engineering Capture The Flag contest was launched by Christopher Hadnagy in 2009. This year, nine teams of two players each are given a long list of goals that can only be accomplished through skillful lying and manipulation. The contest has been going on for five years, but most of the crowd, listening in rapt attention, is experiencing it for the very first time.

Hadnagy has another name for social engineering: “The art of human hacking.” While almost all of Def Con is dedicated to the art of computer hacking, this event targeted the mind.