What is Social Engineering | Detailed Guide for Hacking Humans
According to Google Trends, lots of people search every day for the term “what is social engineering”. This article helps readers understand social engineering, its different attacks, its framework and ways to implement it.
What is Social Engineering?
Social engineering, in simple terms, is influencing people to take an action in order to gain their confidential information. This is the most common type of attack used by cyber criminals to easily manipulate a user into giving up their password, credit card number, national security number and more.
What do you think is the weakest link in an organisation?
No, “Humans are the weakest link”
You can do social engineering via phone, telephone, internet and in person. The only thing you need to gain is the trust of the person you are social engineering. According to Dr. Paul Zak in his podcast, humans release oxytocin when you trust someone or when you think someone trusts you. Another chemical is dopamine, which the brain produces during happiness and pleasure. Combining the oxytocin and dopamine effects can produce a better social engineering attack.
Common Social engineering attacks
There are four major vectors used by a social engineer:
- Smishing: This stands for SMS phishing, because you connect with your victim via a text message. The text message carries a malicious link that asks for credentials. The message looks tempting or creates urgency, which makes a user click on the link and give their personal details.
- Phishing: Phishing is one of the most common types of social engineering because of its high success rate. A phishing mail can be used to hack an organisation, steal credentials and steal money.
- Vishing: Vishing is done via telephone. This is the easiest and simplest way of doing social engineering. It is easy to spoof your number, which makes it difficult to identify the location.
- Impersonation: Impersonation means pretending to be someone you are not. Recently two criminals impersonated a Chinese official and stole $442,777 through a phone scam.
Open Source Intelligence (OSINT)
Open source intelligence is publicly available information used to perform successful social engineering. This is the most important part, where all the social engineering engagement is done. The social engineering pyramid comprises four steps.
- Pretext Development: This step is used to gather all the information about the target and create a pretext. A pretext is a pre-built conversation that you use to talk to your target. This is an important step, so you need to keep OSINT in mind while performing it. In the pretext stage, make sure you add the changes needed for success, because you can’t succeed by depending only on the pre-built text. When a conversation goes somewhere you are not prepared for, you get nervous.
- Attack Plan: After the pretext phase, you need to create an attack plan answering the three questions “What, When and Who”. For example: what is the plan, when is the best time and who is going to assist you?
- Attack Launch: Now you are ready to launch an attack; this is the most fun part. Prepare by having an outline of the pretext and not by scripting each word. A script is not useful when there is an unexpected situation. In such a situation you become nervous, and this can lead to failure. So, have an outline rather than a script.
- Reporting: Reporting is an important step: you need to provide details of how you performed the attack and how to fix it. The success of the above three stages depends on this reporting stage.
Tools used for OSINT
There are two types of OSINT: non-technical OSINT and technical OSINT.
Non-technical OSINT does not involve a computer but involves observing. The most important skill you need to have is “Observation Skill”.
Let’s take an example: suppose you are a social engineer and your task is to enter a server room in an organisation. The different things you need to consider are:
- Clothing: Notice the clothing of the employees, because if everyone is wearing formal clothing and you wear a t-shirt and jeans, it might look odd.
- Entry and Exit: Before entering the building, you need to know the structure of the building, mainly the entry and exit areas.
- Security cameras: Have a careful look at the placement of the security cameras. Are there security cameras? Where are the security cameras kept? Are there any security cameras at the entrance?
- Help desk: Are the help desk staff noticing every visitor, or are the staff busy on their phones? Are you able to shoulder surf? Is there a sticky note on their desk?
- Badge: Do the employees entering the building have badges? Are there any badge scanners at the entrance? Do visitors get a badge?
- Security Guards: How many security guards are present? Are they monitoring continuously? Are they available all the time? What are their break timings?
Observation skills play a vital role in non-technical OSINT.
One of the easiest ways to gather information about your target is by using social media. Social media platforms such as Facebook, LinkedIn and Twitter have a large number of people using them. Using these you can gather lots of information.
Literally everyone uses Facebook nowadays. Facebook has around 2.45 billion active users, and the overall number of active internet users is 4.48 billion.
So, what information can you attain from Facebook?
- Family members
- Favourite movies, songs, food and actors
- Your occupation
- Places you have lived
- Groups you belong to
LinkedIn has over 500 million users with 260 million active users. You can gain the following information.
- Place you work
- University you studied at
- People you follow
Twitter has over 321 million active users. You can gain the following information.
- What you are doing right now
- Your daily habits
- Things you retweet
There are lots of other social media platforms such as Instagram, Snapchat and so on, but these three are the top three used by many.
Now we will look at a few of the most used tools.
- Pipl: Pipl is one of the best people search engines available on the internet. You just need to type the target’s name and location and see the magic! You get lots of information about the person you are searching for.
- Webmii: Webmii is another great tool that is used to find people’s online visibility. You can get the visibility score out of 10. You can also find photos, social media accounts and YouTube accounts.
- WHOIS: WHOIS lookup is used for finding the details about a website. You can gain information such as registrant, registrant type, registered date, name server and so on.
- SET: The SET tool is used to do phishing with an automated payload. It can steal credentials and can also be used for cloning a website.
- Maltego: This is the best social engineering tool ever. It is a powerful tool used to gain lots of information about the target.
Communication is the key
How do I approach? Everyone will have this question in mind. How do I start a conversation?
The first 10 seconds is the most crucial because you need to get the trust of the person within this time period.
So, what will your words be during this period? You need to address these questions to make a person listen to you.
- Introduce yourself
- What do you want
- Are you a threat
- How long does this conversation take
This can help you make the person listen to you. In addition, it can take your conversation further.
After you have answered the above questions, the next step is to take the conversation further. All people are different and there are different ways to approach.
Here comes the DISC technique.
So, what is DISC?
D stands for Direct/Dominant
I stands for Influencer
S stands for Supporter
C stands for Conscientious
Everyone falls into one of the four categories mentioned above. During the initial conversation with them you need to analyse which category they fall into.
First, you need to analyse which category you fall into.
Find Where you fall in DISC
Answer these questions honestly to identify which category you fall into.
- Are you a direct or an indirect person? A direct person always speaks out directly, and an indirect person takes time. So, are you direct or indirect?
- Are you task oriented or people oriented? Do you care more about the task to be done or the people?
So now, you are either direct or indirect, and either task oriented or people oriented.
- Direct and task oriented people are Direct/Dominant. So you are direct, result-oriented, strong-willed, forceful.
- Direct and people oriented people are Influencers. So you are outgoing, enthusiastic, lively, high-spirited.
- Indirect and task oriented people are Conscientious. So you are analytical, reserved, private, systematic.
- Indirect and people oriented people are Supporters. So you are even-tempered, humble, patient, tactful.
Now you know which category you come under. Come out of your comfort zone and find which category your target falls into during the conversation.
Communication with Target
Talk to your target according to their style
- D Communicator: Be direct and straightforward. They don’t like long talks, so be brief and to the point. Give logical answers and results.
- I Communicator: Be friendly with them and do not dominate. Allow them to talk most of the time.
- S Communicator: Be patient and friendly. Focus on the team when talking with them and be systematic.
- C Communicator: Be detailed while talking to them. Provide logic, facts and stats while talking with them.
Body Language plays a vital role
Does only understanding how to communicate make me a better social engineer?
No, understanding their body language and facial expressions is equally important.
There are four rules that you need to understand:
- If you see an expression from your target, it doesn’t mean you know the reason. If the person folds their arms, it can be that they are uncomfortable, or it can be that they have gone through surgery. So, don’t judge just because of their action.
- Don’t focus on only one piece of body language and draw a conclusion. You need to analyse both the context and all their body language to understand what they are saying.
- Understand both context and body language to check whether they are congruent. For instance, if a person nods the head ‘no’ and says ‘yes’, the two are not congruent. Here, you need to analyse their body language to understand what they are telling you.
- Body language alone can’t tell you anything; you need to understand the context too. For instance, if a person you see is folding their arms, it doesn’t mean they are angry. It can also be because of the cold climate.
Different facial expressions
We all make different facial expressions and use different body language according to the situation. There are many expressions; here I have addressed the most common ones we make:
- Anger: People won’t say pleasant things, the jaw tightens, the forehead furrows with the eyes open wide, etc.
- Disgust: People usually turn away or block if they feel disgust. For instance, if you feel something unpleasant, you show a disgusted expression.
- Fear: In this case, the body tenses, the eyes open wide and you can hear a gasp of air. The lips also spread wide towards the ears.
- Surprise: Surprise has a similar expression to fear; the only difference is that you will have an ‘OHHH’ expression rather than widely spread lips.
- Sad: In this situation, your eyelids bend, the corners of the mouth go down and the corners of the eyebrows come together.
- Happiness: Happiness creates a confident environment around us; we feel happy and relaxed.
This whole article was based on the book “Social Engineering: The Science of Human Hacking”. To get a detailed idea of a social engineer and how to become whoever you want to be, I suggest reading this book.