AGENDA
● Introduction and Bio
● What is Social Engineering?
● A Talk about Sales? What the Hell, you said Social Engineering?!?
● Profile? Process? Why not both!
● Defences against Social Engineering
● The Mystery Security Test
● Recap
● Q & A Session
INTRODUCTION Gavin Ewan @jac0byterebel
BIO
1st Masters Degree comprising Psychology and Economics
Worked as:
● Regulated Financial Adviser
● Sales Manager
● Sales Trainer
Ethical Hacking student at the University of Abertay, Dundee, Scotland.
What is Social Engineering?
● Online definition: The practice of tricking a user into giving, or giving access to, sensitive information, thereby bypassing most or all protection
● My definition: Bypassing the human firewall/intrusion detection system. Hacking the human mind.
Part Art, Part Science
Number of Mediums:
● Face2Face
● Telephone
● Online
What Social Engineering Is Not
● Easier, Lazier
● Reserved for Gifted Speakers
● Governed by Hard, Fast Rules
Sales? But you said Social Engineering!
Terms are not mutually exclusive
● Salesman == Social Engineer
● Good salesmen use a degree of Social Engineering Skills
● Bad salesmen don't
● Social Engineers HAVE TO be good salesmen
● Selling Concept
  ● “I want you to buy the concept I belong here”
  ● “I want you to buy the concept I need your username and password”.
Sales? But you said Social Engineering!
The Master Salesman:
● Recognises that each and every customer and sale is different
● Can play different roles
● Uses a variety of questioning techniques
● Recognises that NO doesn't mean NO. Objections are good
● Is comfortable with awkward silences (Gav's Golden Rule, Know When to Shut Up)
● Will ask for repeat business, and referrals to other customers.
The Master Social Engineer:
● Recognises that each and every social engineering attack is different
● MUST act out a number of different roles
● Uses a variety of questioning techniques
● Isn't fazed by objections and can recognise a programmed response
● Is not only comfortable with, but appreciates, awkward silence
● Knows that one target won over can be used to win over other targets, or help provide a 'quick getaway'.
Profile? Process? Why not both!
DISCLAIMER
This is what I use, because it
● Works for me
● Made me plenty cash
● Has transferred smoothly to social engineering
● YOU MAY NOT AGREE WITH EVERYTHING THAT FOLLOWS
● We are all entitled to our opinion.
Sales Process
(1) Prospecting the target
(2) Initial Contact and Needs Identification
(3) (Sales) Presentation
(4) Close
(5) Objection Handle
Steps 3 to 5 are circular and can be repeated as often as necessary.
(1) Prospecting the Target
(1) Know your target
● Profile without direct contact
● Google
● Maltego, etc
(2) Know your limits (Backward planning)
● Salesman - QUANTITY
● Social Engineer - PERFORMANCE.
Simple Personality Test for a Salesman (or Social Engineer!)
● Based on two of four areas examined by the original Myers-Briggs test
What we need to know – Sales 101
● What they'll actually listen to
● How they make decisions based on what you've just said
What we don't need to know
● If they are an Introvert or an Extrovert
● How they handle 'issues'
● DANGER! Further apart on the scales – Less likely to be 'compatible'.
But Gav, how do I reel 'em in?
What they'll actually listen to
Sensor:
● Needs to try things out first and pays attention to the finer details. Focus on one day at a time.
● Will ask you 'What?' and 'How?'
Intuitive:
● Trust the gut first and look at the big picture. Detail can wait.
● Will ask you 'Why?'
How they make decisions
Feeler:
● Driven by their feelings as opposed to just hard evidence
● Appreciates alternative options and viewpoints
● Very relationship focussed.
Thinker:
● Driven by facts, logic and reason. Will go with what the facts suggest even if they don't like it
● Balance pros and cons for them
● Very task focussed
And this means what exactly?
● Sensor-Thinker (Thinker) – Give them the facts then go through, step by step, why they should buy from/help you. Facts then Logic
● Sensor-Feeler (Feeler) – Stick to giving them the facts, but show them how what you have told them will affect the people involved (including them). Facts then Feelings
● Intuitive-Thinker (Controller) – Will want to know what the bigger picture is, but will expect a range of well thought out and presented options to deal with it. Overview then Logic
● Intuitive-Feeler (Entertainer) – Give 'em the big picture and then show how all the pieces fit together, who will be affected. Loves a story. Overview then Feelings.
[Quadrant diagram mapping job roles onto the four types – Controller, Entertainer, Thinker, Feeler. Roles shown: Sales Staff, Managers, Marketing, Finance, Techies/Researchers, Security Staff.]
(2) Initial Contact and Needs Identification
(1) Continue profiling
(2) Work out needs of customer/target
● Through appropriate questioning
(3) WATCH
(4) LISTEN.
Questioning Techniques
What to Watch and Listen for
Some Basic NLP
● See as a target sees
● 3 basic methods of perceiving the world
  ● Visual
  ● Auditory
  ● Kinaesthetic
● Language is the quickest guide
  ● Visual – I see what you mean, You'll have to watch that one
  ● Auditory – That rings a bell, I hear what you are saying
  ● Kinaesthetic – Let's touch base, I've got a grasp of what you mean.
What to Watch and Listen for
WATCH!
[Eye-movement diagram, labelled RIGHT / LEFT: Creating Images; Remembering Images; Creating Words/Sounds; Remembering Words/Sounds; Unfocussed stare = Processing Information (Usually Visual); Feelings (Words to Feelings); Internal Dialogue (Words to Sounds).]
What to Watch and Listen for
LISTEN!
● Visuals – Higher pitched, quick talkers
● Auditories – Low pitch, good rhythm, smooth tone. Concentrating on sounding good
● Kinaesthetics – Constant pauses in speech. Tendency to be 'touchy-feely'.
(3) (Sales) Presentation
(1) Relay customer/target's needs back to them.
● According to profile
● In their 'language'
● Features Vs Benefits
  ● Feature = Something the item has
  ● Benefit = Something the customer/target needs
(2) AGREE on needs
● 'Ski downhill' (contrast effect)
● Slight adjustments will not be noticed (heuristics).
The Contrast Effect
PRESENTATION ORDER IS VITAL!!!!
● Salesman - EXPENSIVE >>>>> CHEAP
● Social Engineer – BIG request >>>>> REAL request.
Heuristics
● The human brain has an 'auto-correct' facility!
● “Aoccdrnig to rscheearch, it deosn't mttaer in waht oredr the ltteers in a wrod are, olny taht the frist and lsat ltteer be at the rghit pclae. Tihs is bcuseae the huamn mnid deos not raed ervey lteter by istlef, but the wrod as a wlohe”
● Not readable by a computer
● What about.....
  ● An ID badge with slight variations
  ● A document with some 'favourable' additions
(4) Closing
(1) Interpret buying signals
● Verbal - “So let me get this straight, I can have it in red, or black?”
● Non Verbal -
(4) Closing
(2) Use appropriate close
● Assumptive or Command Close – 'Assume' they agree and ask for the business
● Alternative Close – Give them a 'choice', either way, you win
IDEAL TIME TO USE SOME EMBEDDED COMMANDS!
Embedded Commands
● Trojans of the human mind
● Subconscious processing is different
● Gav's Guide to embedding
  (1) Pause before the embedded command
  (2) Talk louder at the embedded command
  (3) Adopt a 'command' tonality at the command (down-turn)
  (4) Pause after the embedded command
● Inject the command into a seemingly innocuous statement
● Add a command verb (Do, get, recall, buy, etc)
● Fire away
  ● Salesman - “By now, you'll know if you want to place an order”.
  ● Social Engineer - “I don't expect you to let me in right away”
(5) Objection Handling
● OBJECTION == FREE LOOK AT TARGET'S TRAIN OF THOUGHT
● Two main types of objection to deal with
  ● Sincere
    ● A genuine concern that must be overcome
    ● From reasoned consideration
  ● Insincere
    ● Masks unrelated concerns
    ● Indicator of a far bigger objection.