Akış
Ara
Ne Okusam?
Giriş Yap
Kaydol
Gönderi Oluştur
Alışveriş
Keşfet
Kitaplar
Yazarlar
Okurlar
1000Kitap Android UygulamasıÜCRETSİZ – Google Play'den indirin
1000Kitap iOS UygulamasıÜCRETSİZ – App Store'dan alın
ŞartlarGizlilikTopluluk KurallarıHakkımızdaReklam VerinİletişimKütüphanecilerDizinlerÇerez Politikası
©2024 · 1000Kitap Web Uygulaması · 2.36.26
Akış
Ara
Ne Okusam?
Giriş Yap
Kaydol
Gönderi Oluştur

Gönderi

Harlan

Harlan

@GullyFoyle
24 Haziran 2020 10:42
#1 - Social Engineering
In both of the earlier scenarios, not having enough a good enough plan and model will lead to failure. A good way to practice communication modeling is to write out a model for manipulating people you know well—a husband, wife, parent, child, boss, or friend—to do something you want, to take some action you desire. List the following five points and fill them out one by one, connecting the dots as you go along. • Source • Message • Channel • Receivers • Feedback -- Learn to become a master at information gathering and then practice putting that into action with communication modeling. -- One key aspect of learning how to communicate, how to manipulate, and how to be a social engineer is learning how to use questions. -- *Being able to effectively draw people out is a skill that can make or break a social engineer. When people see you and talk to you they should feel at ease and want to open up.* -- Have you ever met someone and instantly felt, "Wow I like that person"? Why? What was it about him that made you feel that way? Was it his smile? The way he looked? The way he treated you? His body language? Maybe he even seemed to be "in tune" with your thoughts and desires. The way he looked at you was non-judgmental and right away you felt at ease with him. -- *Elicitation means to bring or draw out, or to arrive at a conclusion (truth, for instance) by logic. Alternatively, it is defined as a stimulation that calls up (or draws forth) a particular class of behaviors, as in "the elicitation of his testimony was not easy."* -- Being able to effectively use elicitation means you can fashion questions that draw people out and stimulate them to take a path of a behavior you want. Ps a social engineer, what does this mean? Being effective at elicitation means you can fashion your words and your questions in such a way that it will enhance your skill level to a whole new level. In terms of information gathering, expert elicitation can trans late i nto you target wanting to answer your every request. -- In training materials, the National Security Agency of the United States government defines elicitation as "the subtle extraction of information during an apparently normal and innocent conversation." These conversations can occur anywhere that the target is—a restaurant, the gym, a daycare—anywhere. Elicitation works well because it is low risk and often very hard to detect. Most of the time, the targets don't ever know where the information leak came from. Even if a suspicion exists that there is some wrong intent, one can easily pass it off as an angry stranger being accused of wrong doing for just asking a question. Elicitation works so well for several reasons: • Most people have the desire to be polite, especiallyto strangers. • Professionals want to appear well informed and intelligent. • If you are praised, you will often talk more and divulge more. • Most people would not lie for the sake of lying. • Most people respond kindly to people who appear concerned about them. These key factors about most humans are whyelicitation works so well. Getting people to talk about their accomplishments is too easy. -- Asocial engineer wants the target to take an action, whether that action be as simple as answering a question or as big as allowing access to a certain restricted area. To get the target to comply the social engineer will ask a series of questions or hold a conversation that will motivate the target to that path. -- Some experts agree that mastering the art of conversation has three main steps: 1. Be natural. Nothing can kill a conversation quicker than seeming to be uncomfortable or unnatural in the conversation. To see this for yourself try this exercise. Have a conversation with someone about something you know a lot about. If you can record it somehow or have someone else take notice, see how you stand, your posture, and the way you assert your knowledge. All of these things will scream confidence and naturalness. Then inject yourself in a conversation you know nothing about and have the same recording or friend observing. See how all those nonverbal aspects change for you when you try to inject an intelligent thought into a conversation you know nothing about. This exercise shows you the difference in being natural and not being natural. The person(s) you are conversing with will be able to see it easily which will kill all chances of successful elicitation. How do you seem natural in conversations? Thus we arrive at step 2. -- 2. Educate yourself. You must have knowledge of what it is you will be talking to your targets about. This section should come with a big fat red neon light warning, but because every book can't include one let me emphasize this part: It is imperative that you not pretend you are more than you can reasonably be believed you are. Confused? Here's an example to break it down. If you wanted to obtain the chemical composition for a top-secret product and your elicitation target is one of the chemists involved in making the product, and you decide to start talking chemistry do not play yourself off as a worldclass chemist (unless you are). He may throw something at you that will show you know nothing and then your cover is blown and so is the elicitation. A more realistic approach may be that you are a research student studying XvZ, and was told he had amazing knowledge in this area. Due to his expertise, you just wanted to ask him a question on a chemical formula you are working on and why it doesn't seem to be working out. The point is that whatever you chose to converse about and whomever with, do research, practice, and be prepared. Have enough knowledge to speak intelligently intelligently about a topic that will interest the target. 3. Don't be greedy. Of course, the goal is toger information, get answers, and be given the key to the kingdom. Yet, do not let that be the focus. That you are only there for yourself will quickly become evident and the target will lose interest. Often, giving someone something will elicit the feeling of reciprocation (discussed in Chapter 6), where he or she now feels obligated to give you something in return. Being this way in conversation is important. Make the conversation a give and take, unless you are conversing with a person who wants to dominate the conversation. If he wants to dominate, let him. But if you get a few answers, feel the conversation out and don't get greedy trying to go deeper and deeper, which can raise a red flag. Sometimes the people who are labeled as the "best conversationalists" in the world are those who do more listening than talking. These three steps to successful elicitation can literally change the way you converse with people daily, and not just as a social engineer or a security auditor, but as an everyday person. I personally like to add one or two steps to the "top three." For example, an important aspect to elicitation is facial expressions during a conversation. Having your gaze be too intense or too relaxed can affect the way people react to your questions. If your words are calm and you have engaged the target in a conversation but your body language or facial expressions show disinterest, it can affect the mood of the person, even if she doesn't realize it. This may seem odd to bring up here, but I am a fan of Cesar Mian, aka, The Dog Whisperer. I think that guy is a genius. He takes dogs that seem unruly and in a matter of minutes has both the dogs and their owners produce high-quality personality traits that will merit a very successful relationship for both. He basically teaches people how to communicate with a dog—how to ask and tell it to do things in a language it understands. One of the things he preaches that I fully believe in is that the "spirit" or energy of the person affects the "spirit' or energy of the dog. In other words, if the person approaches the dog all tense and anxious, even if the words are calm, the dog will act tense, bark more, and be more on edge. Obviously people are not the same as dogs but I truly believe that this philosophy applies./te a social engineer approaches a target her "spirit" or energy will affect the person's perception. The energy is portrayed through body language, facial expressions, dress, and grooming, and then the words spoken to back that up. Without even knowing it, people pick up on these things. Have you ever thought or heard someone say "That guy gave me the creeps" or "She looked like such a nice person"? How does that work? The person's spirit or energy is relayed to your "sensors," that data is correlated correlated with past experiences, and then a judgment is formed. People do it instantaneously many times without even knowing it. So your energy when you are going to elicit must match the role you are going to play If your personality or mental makeup doesn't enable you to easily play a manager then don't try. Work with what you have. Personally I have always been a people person and my strong suit is nor topics like chemistry or advanced math. If I were in the situation mentioned earlier I would not try to play the role of a person who knows about those things. Instead my elicitation might be as simple as a stranger interested in starting a conversation about the weather. Whatever methods you chose to use, you can take certain steps to have the upper edge. One of these steps is called preloading. -- *Preloading* Sometimes movies aren't even in production yet, but the announcer comes on and says, "The funniest movie since..." or the music starts with an ominous tone, a dense fog fills the screen, and the voiceover intones, "You thought it was over in Teenage Killer Part 45...." Whatever the movie is, the marketers are telling you how to feel—in other words, preloading what you should be thinking about this movie—before the preview starts. Then the short 1-3 minutes they have to show you what the movie is about is spent showing you clips to entice your desire to see the movie and to appeal to the crowd that wants the comedy, horror, or love story. Not much has been written about preloading, but it is a very serious topic. Preloading denotes that you can do just what it says—preload targets with information or ideas on how you want them to react to certain information. Preloading is often used in marketing messages; for example, in the national restaurant chain ads that show beautiful people laughing and enjoying the meal that looks so beautiful and perfect. As they say "yummm!" and "ohhh!" you can almost taste the food. Of course as a social engineer you can't run a commercial for your targets so how can you use preloading? As with much in the social engineering world, you have to start from the end results and work backward. What is your goal? You might have the standard goal of elicitation to gain information from a target on a project she is working on or dates she will be in the office or on vacation. Whatever it is, you must set the goal first. Next you decide the type of questions that you want to ask, and then decide what type of information can preload a person to want to answer those questions. For example, if you know that later tonight you want to go to a steak place that your coupon-loving wife doesn't really enjoy but you are in the mood for a rib eye, you can preload to get a response that maybe in your favor. Maybe earlier in the day you can say something like, "Honey, you know what I am in the mood for? Abig, juicy grilled steak. The other day I was driving to the post office and Fred down the road had his grill out. He had just started cooking the steaks on charcoal and the smell came in the car window and it has been haunting me ever since." Whether this elicits a response at this exact moment is not important; what you did is plant a seed that touched every sense. You made her imagine the steaks sizzling on the grill, talked about seeing them go on, talked about smelling the smoke, and about how much you wanted one. Suppose then you bring home the paper and as you're going through it you see an ad with a coupon for the restaurant you want to go to. You simply leave that page folded on the table. Again, maybe your wife sees it or maybe she doesn't, but chances are that because you left it with the mail, because you mentioned steak, and because she loves coupons she will see the coupon left on the table. Now later on she comes to you and says, "What do you want for dinner tonight?" Here is where all your preloading comes in—you mentioned the smell, sight, and desire for steak. You left an easy-to-find coupon on the table for the steak restaurant of choice and now it is dinner discussion time. You answer her with, "Instead of making you cook and having a mess to clean up tonight, we haven't been to XYZ Steaks in a while. What if we just hit that place tonight?" Knowing she doesn't like that place all you can hope is the preloading is working. She responds, "I saw a coupon for that place in the newspaper. It had a buy one meal get a second half off. But you know I don't like...." she is speaking you can jump in and offer praise: "Ha! Coupon queen strikes again. Heck, I know you don't like steak too much but I hear from Sally that they have awesome chicken meals there, too." Afew minutes later you are on the way to steak heaven. Whereas a frontal assault stating your desire to go to XYZ would have most likely met with a resounding "No!" preloading helped set her mind up to accept your input and it worked. One other really simplistic example before moving on: Afriend walks up and says, "I have to tell you a really funny story" What happens to you? You might even start smiling before the story starts and your anticipation is to hear something funny so you look and wait for opportunities to laugh. He preloaded you and you anticipated the humor. How do these principles work within the social engineering world? Preloading is a skill in itself. Being able to plant ideas or thoughts in a way that is not obvious or overbearing sometimes takes more skill than the elicitation itself. Other times, depending on the goal, preloading can be quite complex The earlier steak scenario is a complex problem. The preload took some time and energy, where a simplistic preload might be something as simple as finding out what kind of car they drive or some other innocuous piece of information. In a very casual conversation where you "happen" to be in the same deli at the same time as your target you start a casual conversation with something like, "Man, I love my Toyota. This guy in a Chevy just backed into me in the parking lot, not even a scratch." With any luck as you engage the target in conversation, your exclamation about your car might warm him up to the questions that you can then place about types of cars or other topics you want to gather intel on. The topic of preloading makes more sense as you start to analyze how you can utilize elicitation. Social engineers have been mastering this skill for as long as social engineering has been around. Many times the social engineer realia=s he has this skill way before he turns to a life of social engineering, engineering, fie a youth or a young adult he finds interacting with people easy and later finds that he gravitates toward employment that uses these skills. Maybe he is the center of his group of friends and people seem to tell him all their problems and have no problem talking to him about everything. He realizes later that these skills are what gets him through doors that might be closed otherwise. -- One other example is there is a guy who tells everything to him for straight 3months and: The point is that I developed a rapport, a trust, with someone and without trying and without malicious intent, I had a chance to preload him over months with the ideas that I was kind and compassionate and intelligent. Then when the time arose I was able to present an absurd idea, and because of the months of preloading, it was accepted. -- In most social engineering cases it would much quicker, but I think the principles apply Being as genuine as you can is essential. Because preloading involves the person's emotions and senses, give them no reason to doubt. The question you ask should match your pretext. For preloading to work you have to askfor something that matches the belief you built into them. For example, if my offer was to have me go visit my client's family and take pictures rather than manage his apartment complex, it wouldn't have matched the belief system he had of me, namely that I was a smart, business-minded, caring young man. Finally the offer, when made, must be of benefit to the target, or at least perceived as benefit. In my case, there was lots of benefit to my client. But in social engineering the benefit can be as little as "bragging rights": giving the person a platform to brag a bit. Or the benefit can be much more and involve physical, monetary or psychological benefits. -- Appealing to Someone's Ego The scenario painted in the DHS brochure goes like this: /stacker: "You must have an important job; so and so seems to think very highly of you." Target: "Thank you, that is nice of you to say, but my job isn't that important. All I do here is..." The method of appealing to someone's ego is simplistic but effective. One caution, though: Stroking someone's ego is a powerful tool but if you overdo it or do it without sincerity it just turns people off. -- Using ego appeals needs to be done subtly, and if you are talking to a true narcissist avoid eye rolls, sighs, or argumentativeness when she brags of her accomplishments. Subtle ego appeals are things like, "That research you did really changed a lot of people's viewpoints on..." or "I overheard Ivt. Smith telling that group over there that you are one of the most keen data analysts he has." Don't make the approach so over the top that it is obvious. Subtle flattery can coax a person into a conversation that might have never taken place. -- Expressing a Mutual Interest Consider this mock scenario: /backer: "Wow, you have a background in ISO 9001 compliance databases? You should see the model we built for a reporting engine to assist with that certification. I can get you a copy." Target: "I would love to see that. We have been toying with the idea of adding a reporting engine to our system." Expressing mutual interest is an important aspect of elicitation. This particular scenario is even more powerful than appealing to someone's ego because it extends the relationship beyond the initial conversation. The target agreed to further contact, to accept software from the attacker, and expressed interest in discussing plans for the company's software in the future. Pi\ of this can lead to a massive breach in security. The danger in this situation is that now the attacker has full control. He controls the next steps, what information is sent, how much, and when it is released. This is a very powerful move for the social engineer. Of course, if the engagement were long-term, then having a literal piece of software that can be shared would prove even more advantageous. Sharing usable and non-malicious software would build trust, build rapport, and make the target have a sense of obligation. -- Making a Deliberate False Statement Delivering a false statement seems like it would backfire off the top, but it can prove to be a powerful force to be reckoned with. Pttacker. "Everybody knows that XYZ Company produced the highestselling software for this widget on earth." Target: "Alually that isn't true. Our company started selling a similar product in 1998 and our sales records have beaten them routinely by more than 23%." These statements, if used effectively can elicit a response from the target with real facts. Most people must correct wrong statements when they hear them. It's almost as if they are challenged to prove they are correct. The desire to inform others, appear knowledgeable, and be intolerant of misstatements seems to be built into human nature. Understanding this trait can make this scenario a powerful one. You can use this method to pull out full details from the target about real facts and also to discern who in a group might have the most knowledge about a topic. -- Volunteering Information The DHS brochure makes a good point about a personality trait many of us have. Afew mentions of it have appeared in the book already and it's covered in much more detail later on, but obligation is a strong force. As a social engineer, offering up information in a conversation almost compels the target to replywith equally useful information. Want to try this one out? Next time you are with your friends say something like, "Did you hear about Ruth? I heard she just got laid off from work and is having serious problems finding more work." Most of the time you will get, "Wow, I didn't hear that. That is terrible news. I heard that Joe is getting divorced and they are going to lose the house, too." Asad aspect of humanity is that we tend to live the saying "misery loves company—how true it is in this case. People tend to want to share similar news. Social engineers can utilize this proclivity to set the tone or mood of a conversation and build a sense of obligation. -- Using Intelligent Questions As a social engineer you must realize that the goal with elicitation is not to walk up and say, "What is the password to your servers?" The goal is getting small and seemingly useless bits of information that help build a clear picture of the answers you are seeking or the path to gaining those answers. Either way, this type of information gathering can help give the social engineer a very clear path to the target goal. How do you know what type of questions to use? The fol lowi ng sections analyze the types of questions that exist and how a social engineer can use them. Open-Ended Questions Open-ended questions cannot be answered with yes or no. Asking, "Pretty cold out today huh?" will lead to a "Yes," "Uh-uh," "Yep," or some other similar affirmative guttural utterance, whereas asking, "What do you think of the weather today?" will elicit a real response: the person must answer with more than a yes or no. One way a social engineer can learn about how to use open-ended questions is to analyze and study good reporters. Agood reporter must use open-ended questions to continue eliciting responses from his or her interviewee. Suppose I had plans to meet a friend and he canceled, and I wanted to know why I can ask a question like, "I was curious about what happened to our plans the other night." "I wasn'tfeeling too well." "Oh, I hope you are better now. What was wrong?" This line of questioning usually gets more results than doing an all-out assault on the person and saying something like, "What the heck, man? You ditched me the other night!" Another aspect of open-ended questions that adds power is the use of why and how. Following up a question with how or why can lead to a much more in-depth explanation of what you were originally asking. This question again is not "yes" or "no" answerable, and the person will reveal other details you mayfind interesting. Sometimes open-ended questions can meet with some resistance, so using the pyramid approach might be good. The pyramid approach is where you start with narrow questions and then ask broader questions at the end of the line of questioning. If you really want to get great at this technique learn to use it with teenagers. For example, many times open-ended questions such as, "How was school today?" will be met with an "OK" and nothing more, so asking a narrow question might open up the flow of information better. "What are you doing in math this year?" This question is very narrow and can be answered only with a veryspecific answer: "Algebra II." "Ah, I always hated that. How do you like it?" From there you can always branch out into broader questions, and after you get the target talking, getting more info generally becomes easier. -- Closed-Ended Questions Obviously closed-ended questions are the opposite of open-ended questions but are a very effective way to lead a target where you want. Closed-ended questions often cannot be answered with more than one or two possibilities. In an open-ended question one might ask, "What is your relationship with your manager?" but a closed-ended question might be worded, "Is your relationship with your manager good?" Detailed information is usually not the goal with closed-ended questions; rather, leading the target target is the goal. Law enforcement and attorneys use this type of reasoning often. If they want to lead their target down a particular path they ask very closed questions that do not allow for freedom of answers. Something like this: "Do you know the defendant, Mr. Smith?" "Yes I do." "On the night of June 14th, did you see Mr. Smith at the ABC Tavern?" "I did." "Aid at what time was that?" "11:45pm." All of these questions are very closed ended and only allow for one or two types of responses. -- Leading Questions Combining aspects from both open- and closed-ended questions, leading questions are open ended with a hint leading toward the answer. Something like, "You were at the ABC Tavern with Mr. Smith on June 14th at around 11:45pm, weren't you?" This type of question leads the target where you want but also offers him the opportunity to express his views, but very narrowly It also preloads the target with the idea that you have knowledge of the events being asked about. Leading questions often can be answered with a yes or no but are different from closed-ended questions because more information is planted in the question that when answered gives the social engineer more information to work with. Leading questions state some facts and then ask the target to agree or disagree with them. In 1932 the British psychologist Frederic C. Bartlett concluded a study on reconstructive memory He told subjects a story and then asked them to recall the facts immediately two weeks later, and then four weeks later. Bartlett found that subjects modified the story based on their culture and beliefs as well as personality None were able to recall the story accurately and in its entirety. It was determined that memories are not accurate records of our past. It seems that humans try to make the memory fit into our existing representations of the world. When asked questions, many times we respond from memory based on our perceptions and what is important to us. Because of this, asking people a leading question and manipulating their memory is possible. Elizabeth Loftus, a leadinq fiqure in the field of eyewitness testimony research, has demonstrated through the use of leading questions how distorting a person's memory of an event is easily possible. For example, if you showed a person a picture of a child's room that contained no teddy bear, and then asked her, "Did you see a teddy bear?" you are not implying that one was in the room, and the person is free to answer yes or no as they wish. However, asking, "Did you see the teddy bear?" implies that one was in the room and the person is more likely to answer "yes," because the presence of a teddy bear is consistent with that person's schema of a child's room. Because of this research the use of leading questions can be a powerful tool in the hands of a skilled social engineer. Learning how to lead the target can also enhance a social engineer's abilityto gather information. -- Assumptive Questions /Assumptive questions are just what they sound like—where you assume that certain knowledge is already in the possession of the target. The way a social engineer can determine whether or not a target possesses the information he is after is by asking an assumptive question. For example, one skill employed by law enforcement is to assume the target already has knowledge—for example, of a person—and ask something like, "Where does Mr. Smith live?" Depending on the answer given, the officer can determine whether the target knows the person and how much she knows about him. A good point to note is that when a social engineer uses assumptive questions the whole picture should never be given to the target. Doing so gives all the power to the target and removes much of the social engineer's ability to control the environment. The social engineer never wants to use assumptive questions to accuse the target of a wrong. Doing so alienates the target and again costs the social engineer power. Asocial engineer should use assumptive questions when he has some idea of the real facts he can use in the question. Using an assumptive question with bogus information may turn the target off and will only confirm that the target doesn't know about something that didn't happen. Back to an earlier example, if I wanted to gain information from a leading chemist and I did some research and knew enough to formulate one intelligent sentence I could make an assumptive question but it would ruin future follow up if I was not able to back up the assumption the target would make of my knowledge. For example, if I were to ask, "Because deuterium and tritium have such low temperature thresholds, how does one handle these materials to avoid ignition?" The follow-up information might be hard to follow if I am not a nuclear physicist. This is counterproductive and not too useful. Plan your assumptive questions to have the maximum effect. One adjunct that is taught to law enforcement officials that comes in very handy when using assumptive questions is to say "Now think carefully before you answer the next question..." This kind of a statement preloads the target's mind with the idea that he must be truthful with his next statement. It can take months or years to master these skills. Don't get disheartened if the first few attempts are not successful, and keep trying. Don't fear, though, there are some tips to mastering this skill. I will review these in closing. Mastering Bicitation This chapter has a lot of information for you to absorb, and if you are not a people person, employing the techniques covered might seem like a daunting task. Like most aspects of social engineering, elicitation has a set of principles that when applied will enhance your skill level. To help you master these principles, remember these pointers: • Too many questions can shut down the target. Peppering the target with a barrage of questions will do nothing but turn off the target. Remember, conversation is a give and take. You want to ask, but you have to give to make the target feel at ease. • Too few questions will make the target feel uncomfortable. Have you ever been in a conversation that is filled with "awkward silences"? It isn't good is it? Don't assume that your target is a skilled and willing conversationalist. You must work at making a conversation an enjoyable experience. • /Ask only one question at a time. Chapter 5 covers buffer overflows on the human mind, but at this time your goal is nor to overflow the target. It is to merely gather information and build a profile. To do this you can't seem too eager or non-interested. As you have probably gathered, making elicitation work right is a delicate balance. Too much, too little, too much at once, not enough—any one of them will kill your chances at success. However, these principles can help you master this amazing talent. Whether you use this method for social engineering or just learning how to interact with people, try this: Think of conversation as a funnel, where on the top is the largest, most "neutral" part and at the bottom is the very narrow, direct ending. Start by asking the target very neutral questions, and gather some intel using these questions. Give and take in your conversation, and then move to a few open-ended questions. If needed, use a few closed-ended questions to direct the target to where you want to go and then if the situation fits, move to highly directed questions as you reach the end of funnel. What will pour out of the "spout" of that funnel is a river of information. Think about it in the situation discussed in this chapter of my target at the chamber of commerce gathering. IVtygoal was to gather intel on anything that might lead to a security breach. I started off the conversation with a very neutral question. "Escaping the vultures?" This question broke the ice on the conversation as well as used a little humor to create a bridge that allowed us to exist on the same plane of thought. I asked a few more neutral questions and handed him my card while inquiring what he does. This segues smoothly into the open-ended questions. Abrief information-gathering session that occurred earlier, using carefully placed closed-ended or assumptive questions was key After hearing about the company's recent purchase for new accounting software and network upgrades I wanted to go in for the kill. Having scoped out the building I knew it used RFID, but I wasn't sure if the target would go so far as to describe the card and show it to me. This is where the use of direct questions played a role: coming right out and asking what security the company used. By the time I used that type of question our rapport and trust factor was so high he probably would have answered anyquestions I asked. Understanding how to communicate with people is an essential skill for an elicitor. The social engineer must be adaptive and able to match the conversation to his or her environment and situation. Quickly building even the smallest amount of trust with the target is crucial. Without that rapport, the conversation will most likely fail. Other key factors include making sure that your communication style, the questions used, and the manner in which you speak all match your pretext. Knowing how to ask questions that force a response is a key to successful elicitation, but if all that skill and all those questions do not match your pretext then the elicitation attempt will most surely fail. -- Practice Dialects or Expressions Learning to speak in a different dialect cannot be glanced over quickly Depending on where you live, learning to speak a different dialect or with an accent can take some time. Putting on a southern drawl or an Asian accent can be very difficult, if not impossible. Once I was in a training class with an international sales organization and it had some statistics that said 70% of Americans prefer to listen to people with a British accent. I am not sure if that statistic is true or not, but I can say that I enjoy the accent myself. • Find native examples of the accent you want to learn, to listen to. Books like Dialects for the Stage often come with audiotapes full of accents to listen to. • Try speaking along with the recording you have, to practice sounding like that person. • /^fter you feel somewhat confident, record yourself speaking in that accent so you can listen to it later on and correct errors. • Create a scenario and practice your new accent with a partner. • App!y y°ur accent in public to see if people find it believable. There are innumerable dialects and accents, and I personally find it helpful to write out phonetically some of the sentences I will speak. This enables me to practice reading them and get the ideas sunk into my brain to make my accent more natural. learning expressions that are used in the area in which you are working can make a difference. Cne idea is to spend some time listening to people in public talk to one another. A great place for this is a diner or a shopping mall, or any place you might find groups of people sitting and chatting. Listen closelyto phrases or keywords. If you hear them used in a few conversations you might want to find a way to incorporate these into your pretext to add believability Again, this exercise takes research and practice. -- Practice Dialects or Expressions Learning to speak in a different dialect cannot be glanced over quickly Depending on where you live, learning to speak a different dialect or with an accent can take some time. Putting on a southern drawl or an Asian accent can be very difficult, if not impossible. Once I was in a training class with an international sales organization and it had some statistics that said 70% of Americans prefer to listen to people with a British accent. I am not sure if that statistic is true or not, but I can say that I enjoy the accent myself. • Find native examples of the accent you want to learn, to listen to. Books like Dialects for the Stage often come with audiotapes full of accents to listen to. • Try speaking along with the recording you have, to practice sounding like that person. • /^fter you feel somewhat confident, record yourself speaking in that accent so you can listen to it later on and correct errors. • Create a scenario and practice your new accent with a partner. • App!y y°ur accent in public to see if people find it believable. There are innumerable dialects and accents, and I personally find it helpful to write out phonetically some of the sentences I will speak. This enables me to practice reading them and get the ideas sunk into my brain to make my accent more natural. learning expressions that are used in the area in which you are working can make a difference. Cne idea is to spend some time listening to people in public talk to one another. A great place for this is a diner or a shopping mall, or any place you might find groups of people sitting and chatting. Listen closelyto phrases or keywords. If you hear them used in a few conversations you might want to find a way to incorporate these into your pretext to add believability Again, this exercise takes research and practice. -- Try calling family or friends to see how far you can get manipulating them. Another way to practice is to record yourself as if you were on the phone and then play it back later to hear how you sound. I personally feel that using an outlined script is very important. Here is an illustration: suppose you had to call your phone company or another utility Maybe they messed up a bill or you had another service problem and you are going to complain. After you explain yourself to the rep, telling her how upset and disappointed you are, and the rep does absolutely nothing for you, she says something like, "XY&Z is committed to excellent service; have I answered all your questions today?" If the drone behind the phone thought for one second about what she was asking she would realize how silly it is, right? This is what happens when you use a written-out script instead of an outline. An outline allows you "creative artistic freedom" to move around in the conversation and not be so worried about what must come next. Using the phone to solidify your pretext is one of the quickest methods inside your target's door. -- Provide a Logical Conclusion or Follow-through for the Target Believe it or not people want to be told what to do. Imagine if you went to a doctor and he walked in, checked you over, wrote some things on his chart, and said, "Okay; see you in a month." That would be unacceptable. Even in the event of bad news, people want to be told the next step and what to do. a social engineer, when you leave the target, you may need him to take or not take an action, or you may have gotten what you came for and just need to leave. Whatever the circumstance, giving the target a conclusion or follow-through fills in the expected gaps for the target. Just as if a doctor checked you over and sent you home with no directions, if you engineer your way into a facility as a tech support guy and just walk out without saying anything to anyone after cloning the database, you leave everyone wondering what happened. Someone may even call the "tech support company' and ask whether he needed to do anything, or at worst you just leave the workers wondering. Either way leaving everyone hanging is not the way to leave. Even a simple, "I checked over the servers and repaired the file system; you should see a 22% increase in speed over the next couple days," leaves the targets feeling as if they "got their money's worth." The tricky part for a social engineer is getting the target to take an action after he or she is gone. If the action is vital for completion of the social engineer audit, then you may want to take that role upon yourself. For example, in the account in Chapter 3 of my information-gathering session at the chamber of commerce event, if I wanted that target to follow-up with me through email I could have said, "Here is my card; will you email me some details on Monday about XYZ?" He verywell may have, or he could have gone to the office, forgotten about me completely completely and the whole gig would have failed. What would be better is to say "I would love to get some more information from you. On Monday could I perhaps call you or shoot you an email to get some more details?" The requests you make should match the pretext, too. If your pretext is being a tech support guy, you won't "order" people around with what they must and must not do; you work for them. If you are a UPS delivery person, you don't demand access to the server room. /As mentioned earlier, more steps may exist for perfecting a pretext, but the ones listed in this chapter can give a social engineer a solid foundation to build a perfectly believable pretext. You might be asking, "Okay so you listed all these principles, but now what?" How can a social engineer build a well-researched, believable, spontaneous-sounding, simple pretext that can work either on the phone or in person and get the desired results? Read on. -- Additional Pretexting Tools Other tools exist that can enhance a pretext. Props can go a long way in convincing a target of the reality of your pretext; for example, magnetic signs for your vehicle, matching uniforms or outfits, tools or other carry-ons, and the most important a business card. The power of the business card hit me when I was recently flying to Las \&gas on business, ivy laptop bag usually gets scanned, rescanned, then swabbed for bomb dust or whatever. I am one of those guys who doesn't really mind the extra security precautions because they keep me from blowing up in the air, and I am happywith that. Yet I realize that 90 percent of the time I am going to get extra attention by Transportation Security Administration (TSA). On this particular trip I had forgotten to take my lock picks, RFID scanner, four extra hard drives, bump keys (see Chapter 7), and plethora of wireless hacking gear out of my carryon laptop bag. As it goes through the scanner I hear the lady working the xraysay, "What the heck?" She then calls over another gentlemen who stares at the screen and says, "I have no clue what the heck that stuff is." He then looks around, sees mysmiling face, and says, "Is this you?" I walk over to the table with him as he is emptying my RFID scanner and my large case of lock picks and he says, "Why do you have all of these items and what are they?" I had nothing planned but decided at the last second to try this move: I pulled out a business card and said, "I am security professional who specializes in testing networks, buildings, and people for security holes. These are the tools of my business." I said this as I handed him a business card and he looked at it for about five seconds and then said, "Oh, excellent. Thanks for the explanation." He neatly put all my items back in, zipped the bag up, and let me go. Usually I go through the bomb screening, the little dust machine, and then a patdown, but this time all I got was a thank you and a quick release. I began to analyze what I did differently than normal. The only difference was that I had given him a business card. Granted, my business card is not the $9.99 special from an online card printer, but I was amazed that what seemed to haws happened was that a business card added a sense of license to my claims. My next four flights I purposely packed every "hacking" device into my bags I could find and then kept a business card in my pocket. Each time my bag was examined and I was asked about the contents, I flipped out the card. Each time I was apologized to, had my items packed in neatly, and let go. -- Chapter 5 Mind Tricks: Psychological Principles Used in Social Engineering It all depends on how we look at things, and not on how they are themselves. —Carl Gustav Jung This chapter could be a book unto itself, but I will condense this information down to principles that will truly change the way you interact with people. Some of the topics in this chapter are based on research done by the brightest minds in their respective fields. The techniques discussed in these topics were tested and put through the paces in social engineering environments. For example, the topic of microexpressions is based on the research of the world-renowned psychologist and researcher, Dr. Paul Ekman, who used his genius to develop techniques into reading facial expressions that can literally change the way law enforcement, governments, doctors, and everyday people interact with others. Some of the topics in this chapter are based on research done by the brightest minds in their respective fields. The techniques discussed in these topics were tested and put through the paces in social engineering Some of the principles of Richard Brandler and John Grinder, the originators of neurolinguistic programming, changed people's understanding about thought patterns and the power of words. These topics are subjects for much debate, and this chapter attempts to demystify this subject and explain how you can use them in social engineering. Some of the best interrogators on the planet developed training and frameworks to help law enforcement learn how to effectively interrogate suspects. These principles have such deep psychological roots that learning the methods used can literally unlock the doors to the minds of your targets. Using cues that people give in their speech, gestures, eyes, and faces can make you appear to be a mind reader. -- Learning social engineering skills is not a quick process, so don't be impatient. The methods of learning some of these skills can take years to perfect and a lot of practice to even become proficient. Of course, you may possess a skill for a certain aspect but if you do not, don't become impatient with trying to learn it. Keep on trying harder and practicing and you will get it. -- Before you get into the meat of this chapter, the following section sets the stage for why and how these principles will work. You must understand the modes of thinking that exist. After you understand more clearly how people take in and process information you can begin to understand the emotional, psychological, and physical representations of that process. Modes of Thinking To alter someone's way of thinking you must understand the way people think and in what modes they think. This seems a logical first step to even attempting this aspect of social engineering. You might think you need to be a psychologist or a neurologist to understand the many aspects of how a person can think. Although that can help, it is not necessary With a little research and some practical application you can delve into the inner workings of the human mind. -- Simply confirming your nonverbal behavior to the client, using language from the client's preferred representational system and matching speech volume, tone, and area of speech often overcomes client reluctance to communicate. This simple statement has a lot of depth in it. Basically it is saying that if you can first figure out the target's dominant mode of thinking and then confirm it in subtle ways, you can unlock the doors of the target's mind and help him actually feel at ease when telling you even intimate details. Logically you may ask then, "How do I figure out a target's dominant mode of thinking?" Even asking people what their mode of thinking is will not offer a clear answer, because many people do not know what mode of thinking they often reside in. Due to that, as asocial engineer you must have some tools to help you determine this mode and then quickly switch gears to match that mode. Aclear and easy path exists to this answer but you need to know the basics first. The Senses For centuries philosophers have argued the value of perception. Some go so far as to say that reality is not "real" but just what our senses build into our perceptions. Personally I do not subscribe to that idea, but I believe that the world is brought to our brain by our senses. People interpret those senses for their perception of reality In the traditional classification we have five senses: sight, hearing, touch, smell, and taste. People tend to favor one of these senses and that is the one that is dominant. It is also the way people tend to remember things. As one exercise to determine your dominant sense, close your eyes and picture yourself waking up this morning—what is the veryfirst thing you remember? Was the feeling of the warm sun on your face? Or maybe you remember the sound of the voice of your spouse or children calling you? Do you remember clearly the smell of coffee downstairs? Or quite possibly the bad taste in your mouth, reminding you that you need to brush yourteeth? Of course, this science is not exact and realizing what your dominant sense is may take a few tries to figure out. I once talked to a couple about this concept and it was interesting to watch their expressions. The wife first remembered waking up and seeing the clock and then worrying that she was running late, whereas the husband first remembered rolling over and not feeling his wife next to him. After some more questions it became evident that the husband was a kinesthetic, or his dominant sense was his feeling, whereas his wife was very visual. Of course, walking up to your target and saying, "Close your eyes and tell me the first thing you remember this morning," doesn't seem reasonable. Unless, of course, your pretext is the family shrink, you might meet with some opposition on this route. How can you determine without going through an embarrassing interrogation about their morning rituals what a target's dominant sense is? The Three Main Modes of Thinking Although we have five senses, the modes of thinking are associated with onlythreeofthem: • Sight, or a visual thinker • Hearing, or an auditory thinker • Feeling, or a kinesthetic thinker Each sense has a range within which it works, or a sub-modality. Is something too loud or too soft? Too bright or too dark? Too hot or too cold? Examples of these are as follows: staring at the sun is too bright, jet engines are too loud, and -30 degrees Fahrenheit is too cold. Ivan Pavlov ran an experiment where he rang a bell every time he fed a dog. In the end the dog would hear the sound of the bell, then salivate. What most people don't know is that he was more interested in the physical and emotional aspects of submodalities. The interesting point is that the louder the bell rang the more the dog salivated. The range change of the sub-modality produced a direct physical change. Even though people are very different from dogs, Pavlov's research is very important in understanding how a person thinks. Many of us can think in all three modes, but we dominate in one—one "rings" the loudest. Even within our dominant mode, we might have varying degrees of depth for that dominant sense. Following I will discuss some of the details of each of these modes in more depth. -- Visual The majority of people are usually visual thinkers, in that they usually remember what something looked like. They remember the scene clearly— the colors, the textures, the brightness or darkness. They can clearly picture a past event and even build a picture for a future event. When they are presented with material to decide upon they often need something to see because visual input is directly linked to decision making. Many times a visual thinker will make a decision based on what is visually appealing to him regardless of what is really"better"forhim. Athough men tend to be visual, this does not mean that all men are always visual. That visual marketing or visual aspects normally appeal to men is true, but do not assume all men are visual. Avisual person often uses certain words in his speech, such as: • "I see what you mean." • "That looks good to me." • "I get the picture now." And the range that the dominant sense works in for a visual thinker can have certain characteristics, or sub-modalities, such as: • Light (bright or dim) • Size (large or small) • Color (black and white or color) • Movement (fast or slow) • Focus (clear or hazy) Trying to debate, sell, negotiate, manipulate, or influence a visual thinker with no visual input is very difficult if not impossible. Visual thinkers need visual input to make decisions. -- Auditory Auditory thinkers remember the sounds of an event. They remember that the alarm was too loud or the woman whispered too low. They recall the sweetness of the child's voice or the scary bark of the dog. Auditory people learn better from what they hear and can retain far more from being told things than being shown things. Because an auditory thinker remembers the way something sounded, or because the sounds themselves help recall memories, he may use phrases such as: • "Loud and clear..." • "Something tells me..." • "That sounds okay to me." Aid the range of this dominant sense can be within these sub-modalities: • Volume (loud or soft) • Tone (base or treble) • Pitch (high or low) • Tempo (fast or slow) • Distance (near or far) It is imperative to choose your words carefullywith auditory thinkers. The words they hear will make or break the deal. I have seen whole encounters go from great to a disaster with one wrong word spoken to an auditory thinker. -- Kinesthetic Kinesthetic thinkers are concerned with feelings. They remember how an event made them feel—the warmth of the room, the beautiful breeze on their skin, how the movie made them jump out of their seat with fear. Often kinesthetic kinesthetic thinkers feel things with their hands to get the sense of the objects. Msrely telling them something is soft isn't as real as letting them touch it. But helping recall a soft item they touched before can recall emotions and feelings that are very real to a kinesthetic thinker. The term "kinesthetic" relates to tactile, visceral, and sense-of-self sensations of the body—basically, where a person's body is in space and the self-awareness of how something made him feel. A kinesthetic thinker uses phrases such as: • "I can grasp that idea." • "How does that grab you?" • "I'll get in touch with you." • "I just wanted to touch base." • "How does this feel?" Aid the range for this type can have the following sub-modalities: • Intensity (strong or weak) • Aea (large or small) • Texture (rough or smooth) • Temperature (hot or cold) • Weight (heavyor light) Helping a kinesthetic thinker recall a feeling or emotion tied to something can make those emotions reappear as real as the first time they occurred. Kinesthetic thinkers are probably the most difficult for non-kinesthetic thinkers to deal with because they do not react to sights and sounds and social engineers have to get in touch with their feelings to communicate with this type of thinker. Understanding these basic principles can go a long way toward being able to quickly discern the type of person you are talking to. Again, without asking the target to picture his morning rituals how can you discern the dominant sense? Even more so, why is this so important? -- Discerning the Dominant Sense The key to determining someone's dominant sense is to try to introduce yourself, start a small conversation, and pay close attention to what is being said. As you walk up to the target and lean in to say good morning, maybe she barely looks at you. She might be rude, or she just may not be a visual. Visuals need to look at the person speaking to communicate properly so this behavior would seem to lend to the fact she is not visual. Now ask a simple question such as, "Don't you just love the feel of a beautiful day like today?" and notice her response, particularly whether she seems to light up or not. Maybe you wear a large, shiny silver ring, /is you talk you gesture; maybe you see that the ring catches her eye. Does she reach out, interested, and need to hold the ring or get close to observe it? Kinesthetics are very touchyfeely when it comes to these things. I know a woman who is a strong kinesthetic and when she sees something she thinks is soft or high quality she must touch it. She will say "Wow, that sweater looks so soft!" From that statement one might assume she is a visual, but what happens next is what solidifies it. She then walks up to the person and touches the sweater and feels it. This shows her dominant sense is kinesthetic. The same woman must touch everything in the grocery store when she shops, whether she needs it or not. By touching the objects, she makes a connection and that connection makes it real to her. Often she cannot remember things very well that she did not come into physical contact with. /Asking questions that contain some of the key dominant words, observing a target's reactions, and listening can reveal what dominant sense he or she uses. Listening for keywords such as see, look, bright, dark can lead you to treat a target like a visual. As mentioned earlier this is not an exact science. There isn't a general rule that states if a person says, "I can see what you are saying..." then he is always a visual. Each clue should lead you down the path toward verifying your hunch with more questions or statements. One word of caution: talking to someone in a different mode than they think in can be irritating to some. Using questions to determine a person's mode of thinking can be off-putting. Use questions sparingly and rely more on observation. Why Understanding the Mode Is Important I once worked with a guy, Tony, who could sell a cup of water to a drowning man. Tony was a big believer in seeking out and then using a person's dominant sense in sales. He had a few methods that he used that you may learn from. When he first engaged the target he had a very shiny silver-andgold pen he would hold in his hand. He would gesture a lot and notice whether the person followed the pen with her eyes; if she did slightly Tony would continually make the gestures bigger to see whether her eyes followed. If that didn't seem to work in the first few seconds he would click the pen open and closed. It wasn't a loud noise, but loud enough to disrupt a thought and draw someone's attention if she were an auditory If he thought that was working he would click it with every important thought, causing the target to have a psychological reaction to the sound and what was being said. If that didn't seem to work he would reach out over the table and tap her wrist or forearm, or if he was close enough touch her shoulder. He didn't touch excessively but enough to see whether she would shy away or seemed overly happy or disturbed bythe touch. With these subtle methods he could quickly discern what the person's dominant sense most likely was. This whole act would take under 60 seconds. After he found the information he was looking for, he would then start to move his conversation to that dominant sense, even taking on the traits of that sense in the words he spoke and way he acted and reacted to the conversation. Cne thing about Tony is that he outsold any person I have ever met. People would often say about him, "It is like he knew exactly what I needed." Tony would talk to the person and treat the person the way they wanted to be talked to. If the person was a visual thinker, Tony would use phrases like "Can you see what I am saying?" or "How does this look to you?" He would use illustrations that involved "seeing" things or visualizing scenarios. He would put people in their comfort zone. People feel at ease when they are in their comfort zone. The more you can do as a social engineer to put people in their comfort zone, the better chance you have at success. People gravitate towards those with whom they are comfortable; it is human nature. For example, if someone makes you feel "warm and fuzzy," or seems to understand what you are saying, or seems to see where you are coming from, you easily open up to, trust, and let that person in your circle. I want to reiterate this point: finding and using someone's dominant sense is not an exact science. Asocial engineer should use it as a tool in the arsenal and not rely on it as something magical or scientific. Certain psychological aspects of human nature are based on proven science and can be relied upon. As a matter of fact, some of these aspects are so impressive that they can make you seem like a mind reader. Some of them have been a topic of serious debate and some accepted by psychologists, law enforcement, and social engineers for years. The next section of this chapter discusses these, starting with microexpressions. -- Microexpressions You are probably familiar with the idea of reading facial expressions. When someone is happy sad, angry or whatever, when someone feels it you can look at his or her face and see that emotion. What if someone tries to fake that expression, like a fake smile? We have all done it, walking through the market and bumping into someone we just don't like that much—we put on a "smile" and say, "Hey John, nice to see you. Say hi to Sally." We may act very pleasant and cordial, but inside we are feeling nothing but irritation. The expressions that we show for longer periods of time on our face are called macroexpressions and are generally easier for people to see the emotion that is being conveyed. Similar to microexpressions, macroexpressions are controlled by our emotions, but are not involuntary and often can be faked. A certain few pioneers into the study of human behavior have spent decades researching something, coined microexpressions, to understand how humans relay emotions. Mcroexpressions are expressions that are not easily controllable and occur in reaction to emotions. An emotion triggers certain muscular reactions in a face and those reactions cause certain expressions to appear. Many times these expressions last for as short as one-twenty-fifth of a second. Because they are involuntary muscular movements due to an emotional response, they are nearly impossible to control. Probably one of the most influential researchers in the field of microexpressions is Dr. Paul Ekman. Dr. Ekman pioneered microexpressions into the science it is today. Dr. Ekman has been studying microexpressions for more than 40 years. In the 1970s Dr. Ekman developed FADS (Facial Action Coding System) to label and number each conceivable human expression. His work branched out to not only include facial expressions but also how the whole bodywas involved in deception. By 1972, Dr. Ekman had identified a list of expressions that were linked with basic or biologically universal emotions: • Aiger • Disgust • Fear • Joy • Sadness • Surprise -- Anger Anger is usually easier to spot than some other expressions. In anger the lips become narrow and tense. The eyebrows slant downward downward and are pushed together—then comes the most noticeable characteristic of an
·
2.702 görüntüleme
Harlan okurunun profil resmi
Harlan
@GullyFoyle ·
24 Haziran 2020 11:00
... the most noticeable characteristic of anger, the glare. Anger is a strong emotion and can trigger many other emotions along with it. Sometimes when a person feels anger at something, what you see is a microexpression such as that shown in Figure 5-1. What makes it hard to see is that the facial movements maylastonlyone-twenty-fifthofasecond. Learning to see a specific microexpression can greatly enhance your understanding of people. To learn how to do so, Dr. Ekman recommends practicing that expression on yourself. He says follow these steps: 1. Pull your eyebrows down and together; pretend you are trying to touch your nose with the inner parts of your eyebrows. 2. While your brows are down, try to open your eyes wide, without adjusting your brow position. 3. Press your lips together tight. Do not pucker your lips, just tense them together. 4. dare. What emotion do you feel? The first time I did this, I was overwhelmed with anger. The following is a vital point to this chapter: If producing the facial expression can cause the emotion, that must mean that our facial movements can affect the emotions we feel, and maybe even the emotions of those around us. -- Mastering the ability to reproduce microexpressions will go a long a way toward understanding the emotion behind them. When \ou can successfully reproduce and decode a microexpression, you can understand the emotion that is causing it. At that point you can understand the mental state of the person you are dealing with. Not only reproducing them on yourself but also being able to see and read them in others can be helpful in controlling the outcome of your social engineering engagements. -- Disgust Disgust is a strong emotion usually in reaction to something you really do not like. This "something" does not always have to be a physical object; it can also be something that is based on a belief or feeling. A food that you truly hate can cause the feeling of disgust, which will trigger this expression. What is amazing is even in the absence of the actual smell or sight of the food, the thought of it can cause the same emotion. When I was a teenager, I went to Disney World with a few friends. I am not, and I mean not, a fan of roller coasters. After much prodding I went on Space Mountain, an indoor roller coaster. About halfway through I had determined that I really didn't mind roller coasters when suddenly I was smeared with something very wet and chunky I was then hit with an odor that I can only describe as stomach contents. Not only me, but many behind me had the same reaction and none of us could hold back our lunch, so to speak. Before you knew it, a simultaneous puking splattered the glass of the Tomorrowland Transit Authority a slow-moving observation ride that offers a peek into the actual Space Mountain ride on part of its journey What is amazing is that people in the Tomorrowland ride who sat there slowly going around the park saw the aftereffects hit the glass as they rode through, and saw all the other riders getting physically ill, which made them also vomit— yet they didn't smell the odor or have physical contact with the puke from the roller coaster riders. Why? Disgust. Bodily fluids generally bring on feelings of disgust and this is one reason that while reading this paragraph you probably started to exhibit the expressions of disgust. Disgust is often characterized by the upper lip being raised to expose the teeth, and a wrinkling of the nose. It may also result in both cheeks being raised when the nose is wrinkled up, as if to try to block the passage of the bad smell or thought into one's personal space. I was reading an article on the winter Olympics when I saw this picture of Ekaterina llyukhina (see Figure 5-3) showing very clear traits of disgust. Notice the raised upper lip and the wrinkled nose. Is she looking at her score? Is a competitor beating her? I am not sure, but whatever she is looking at, it is not sitting well with her. Disgust is one of those emotions, according to Dr. Ekman's research, that is in reaction to the sight, smell, or even thought of something distasteful. From a social engineering standpoint this emotion might not lead you down paths of success, but it can surely help you to see whether you are hitting the mark with your target or causing him or her to mentally shut down to your ideas. The odds are that if you cause disgust for any reason in your target, you have lost. If your appearance, smell, style, breath, or other aspect of your person can make a person feel disgust, then it will most likely close the door to success. You must be aware of what is acceptable and unacceptable to your targets. For example, if your audit is for a prestigious law firm and you have many piercings or tattoos, a very strong negative emotion may rise in your target, which can close the door to your social engineering attempt. You must seriously consider your appearance when working on your pretext. If you happen to notice the strong negatius emotion of disgust in your target, then backing down and politely excusing yourself to rework your pretext or find a different path in maybe a good idea. -- Fear Fear is often confused with surprise because the two emotions cause similar muscular reactions in the face. One company I worked with was hit by a malicious social engineer who used fear to gain access to the building. Knowing that the CFO was out of town on an important business meeting and could not be disturbed, the social engineer went into the company as a tech support guy He demanded access to the CFO's office, which was promptly denied. He then played this line, "Mr. Smith, your CFO, called me and told me that while he was away at this meeting I better come down and fix his e-mail problem and that if it is not fixed while he is gone, heads will roll." The secretary feared that if it didn't get fixed, she would be to blame. Would her boss really be angry? Could her job be at risk? Because she feared a negative outcome, the secretary let the phony tech support guy in. If he was a skilled social engineer he may have been watching her facial expressions and noticing whether she exhibited signs of worry or anxiety which are related to fear. He then could have played on these signs more and more, getting her to cave in to her fear. Fear can be a big motivator to do many things that you (or your target) would not normally consider doing. -- Sadness Unfortunately malicious social engineers often use this emotional trigger to obtain things from their targets. I once walked into a restaurant and overheard a young man telling a group of older folks who were leaving that he just ran out of gas on the highway and needed to get home because his wife was nine months pregnant. He had been out of work and had just walked a mile off the highwayto use the phone to call his wife and wondered if they could give him $20. When I heard some of the story I slowed down and made believe I was on a phone call to observe the rest. He told his tale and then backed it up with, "Look if you give me your address, I will mail you a check for the $20," concluding with "I swear to God." The story had some elements in it that could elicit compassion, especially when his face showed concern, anxiety, and sadness. He didn't get $20—tie was given $20 by each of the three people in that group. He said "God bless you" a few times and gave the group a few hugs and said he was going to go in to call his wife and tell her he was on the way home. He hugged them and they left feeling as if they had done their good deed for the week. Afew minutes later as I'm eating my meal, I see him at the bar drinking a couple of fully paid-for drinks with his buddies. Mxing a sad story with some sad facial expressions, he had been able to manipulate the emotions of those around him. [24/06 ÖÖ 10:37] Mehmet: Happiness Happiness can have many facets to it—so many that I can probably make a chapter just on it, but that is not my focus. Dr. Ekman's books cover many excellent points about happiness and similar emotions and how they affect the person with the emotion and those around him or her. What I want to focus on are just a couple aspects of happiness—most importantly the difference between a true smile and a fake smile. The true and the fake smile are an important aspect of human expressions to know how to read, and as a social engineer to know how to reproduce. Has there been a time where you met someone who was very pleasant but after you parted ways your spouse or you yourself said, "That guy was a fake..."? You might not have been able to identify the aspects of a true smile in your head but something told you the person wasn't being "real." In the late 1800s a French neurologist, Duchenne de Boulogne, did some fascinating research into smiling. He was able to attach electrodes to a man's face and trigger the same "muscular" response in the face as a smile. Even though the man was using all the right muscles for smiling, de Boulogne determined that the look of the man was still a "fake smile." Why? When a person smiles for real, de Boulogne indicates, two muscles are triggered, the zygomaticus major muscle and the orbicularis oculi. Duchenne determined that the orbicularis oculi (muscle around the eyes) cannot be triggered voluntarily and that is what separates a real from a fake smile. Dr. Ekman's research concurs with Duchenne's and although recent research indicates some can train themselves to think about triggering that muscle, more often than not a fake smile is all about the eyes. Areal smile is broad with narrow eyes, raised cheeks, and pulled-up lower eyelids. It has been said that a real smile involves the whole face, from the eyes to the mouth. When a person sees a real smile on another person, it can trigger that same emotion inside of them and cause them to smile. Notice in Figure 515 the picture of the two monks. The monk on the left side of the picture is displaying very outward signs of a real smile, real happiness. Just looking at him in this picture probably can trigger happiness in you. From a social engineering standpoint, knowing how to detect and also create a real smile is a valuable piece of information. Asocial engineer wants a target to be put at ease, so as to have the greatest positive effect on the target. Social engineers in any form, whether they are salespeople, teachers, psychologists, or any other social engineer, often start off a conversation with a smile. Quickly our brains analyze how we feel about that visual input given to us and it can affect the rest of the interaction. Alot of information is packed into the preceding section, yet you may be wondering how social engineers can train themselves not only to see microexpressions but also how to use them. -- Training Yourself to See Microexpressions I read the methods on how a particular microexpression is identified, then practice reproducing it using a mirror, comparing my expression to the notes from the professionals that describe how it is done. I usually have a picture that shows the emotion I am working on because having something to mimic helps me. /4fter I feel relatively good about reproducing the microexpression I focus on how it makes me feel, tweaking small areas until the muscular movements cause me to feel the matching emotions. I then scour the Internet looking for pictures and try to identify the expressions in those pictures. Next, I record news or television shows and play certain parts in slow motion with the sound off to see if can determine the emotion, then listen to the story to see if I was close. Pi\ this leads up to working with live "subjects." I watch people interact with each other and try to identify the emotions they are feeling during their discussions. I try both with being able to hear the conversation and also without being able to. The reason I chose this path before trying to read microexpressions in my own conversations is that I found that trying to do it in a live environment without having to also focus on making good conversation is easier. I just read the facial expressions and do not get confused by other sensory input. -- One of the tricks actors use to be able to successfully show proper emotion is to remember and focus on a time when they truly felt the emotion they need to portray; for example, a moment of happiness that produced a real smile. As mentioned earlier, making a real smile is very difficult to fake if you aren't truly feeling happy but if you can bring up a memory when you felt that emotion your muscles will remember and react. Therefore, although you can become proficient at reading the emotion, you cannot read the why behind it. The why is often lost to science. I had a friend who had some bad experiences as a child with a person who closely resembled a good friend of mine. Whenever my friend would come around she had strong emotional reactions. If you were to read her microexpression you would probably see fear, contempt, and then anger on her face. She did not hate myfriend, but she hated the person in her memory who resembled myfriend. This is a good point to remember when you are learning how to read microexpressions. The expression is linked to an emotion, but the expression doesn't tell you why the emotion is being displayed. I know when I first started learning about microexpressions and then became somewhat "proficient" at reading certain expressions, I felt like I was a mind reader, /^though this is far from the truth, the caution is to not be assumptive. You may become very good at reading microexpressions; however, later sections discuss how to combine this skill with interrogation tactics, body language skills, and elicitation skills to not only figure out what targets are thinking, but also to lead them down the path you want. The question you still may have is, "How can I use these skills as a social engineer?" -- How Social Engineers Use Microexpressions This whole section leads up to this: As fascinating as the research is, as amazing as the science is behind this psychology how do you utilize microexpressions in a social engineer audit and how do malicious social engineers use them? This section discusses two methods of how to use microexpressions in social engineering. The first method is using microexpressions (IVE) to elicit or cause an emotion, and the second method is how to detect deceit. Let me start with the first method, using your own IVE to cause an emotional response in others. I recentlyread a research paper that changed my view of IVE and opened my eyes to a new area of research. Researchers Wen Li, Richard E. Zinbarg, Stephan G. Boehm, and Ken A Paller performed a study called "Neural and Behavioral Evidence for Affective Priming from Unconsciously Perceived Emotional Facial Expressions and the Influence of Trait Anxiety' that changes the face of microexpression usage in modern science. The researchers connected dozens of mini-EKGs to muscle points on their subjects' faces. The devices would register any muscular movements in their face and head. They then played videos for them that had one-twentyfifth-second flashes of microexpressions in frames. Li et al., found that in almost every case the subject's muscular movement would begin to mirror that which was embedded in the video. If it was fear or sadness, the subject's facial muscles would register those emotions. When interviewed about the emotion the subject was feeling it was the emotion embedded in the video. To me, this groundbreaking research proves that a person can manipulate another person to a certain emotional state by displaying subtle hints of that emotion. I have started conducting some research into this from a security angle and I am calling if'neurolinguistic hacking," mainly because it takes much from microexpressions as well as neurolinguistic programming (discussed in the next section) and combines them to create these emotional states within a target. Imagine this scenario. Asocial engineer wants to walk into a company with the goal of getting the receptionist to insert a malicious USB keyinto the computer. His pretext is that he has a meeting with the HR manager, but on the way in, he spilled coffee all over his last resume. He really needs this job and to help, would she print him out another copy of the resume? This is a solid pretext that tugs on the receptionist's heartstrings and has worked for me in the past. Yet, if the social engineer allows his own emotional state to run rampant he might be showing signs of fear, which is linked to nervousness. That fear can translate to an uneasy feeling in the receptionist and failure or rejection of the request. Whereas if he were to control his emotions and flash subtle hints of sad microexpressions, which is closely linked with empathy then he might have a very good chance at his request being honored. Recall the previous discussion of the commercials that encourage people to donate "only a dollar a day' to feed a child in need. Before requesting money before flashing a phone number and URL, before telling you that credit cards are accepted, many long images of very sad children flash across yourTVscreen. Those images of children in need and children in pain put your brain in the emotional state that is needed to comply with the request. Do those commercials work on everyone? No, of course not. But although not everyone donates, it will affect almost everyone's emotional state. That is how a social engineer can use IVE to the fullest. Learning to exhibit the subtle hints of these IVE can cause the neurons in your target's brain to mirror the emotional state they feel you are displaying, making your target more willing to comply with your request. This usage of IVE can be malicious, so I want to take a moment to talk about a mitigation (see also Chapter 9). Being aware of how IVE can be used doesn't mean you need to start training everyone in yourcompanyto be an IVE expert. What it does mean is that good security awareness training does need to occur. Even when requests are designed to make you desire to help, desire to save, desire to nurture, the security policy must take precedence. Asimple, "I'm sorry we cannot insert foreign USB keys into our computers. But two miles down the road is a FedEx Kinko's shop. You can print another resume there. Should I tell IWs. Smith you will be a few minutes late?" In this scenario, such a statement would have squashed the social engineer's plans as well as given the target the feeling of being helpful. To utilize the power of IVE, sometimes you have to combine it with other aspects of human behavior as well. The second method, how to detect deceit, describes how you can do this. The second method for using ME as a social engineer is in detecting deception. Wouldn't it be nice if you could ask a question and know whether the response was truth or not? This subject has been a source of heated debate among many professionals who claim that eye patterns, body language, facial expression, or a combination of all the preceding can indicate truth or deception. While some do not believe this to be the case, others feel these can be used as an exact science. Although some truth may exist in each of those thoughts, how can you use microexpressions to detect deception? To answer this question you must take into account more than just microexpressions because, as identified throughout this section, microexpressions are based on emotions and reactions to emotions. Keep this in mind while reading this section, which analyzes some causes and effects. Four things can help you detect deceit in a target: • Contradictions • Hesitation • Changes in behavior • Hand gestures The following sections discuss these items in more detail. -- Contradictions Contradictions are particularly tricky because they often can and do occur in factual accounts. I know in my case I often forget details, and my wife will fill them in quickly After I get a little hint here or there I often can remember the full story. This doesn't mean that I am always lying at the beginning of a story or conversation, but I don't always remember all the details clearly enough to comment on them at first, or I think I do remember the details but I really don't. Even after I "remember" the details, the details may be my version of real ity and not the way the story actual ly happened. This inadvertent dishonesty is important to consider when evaluating contradictions as a clue to lying. What a contradiction should do is prompt you to dig more. Watching the person's microexpressions while you question him about a contradiction is also helpful. For example, suppose you have developed a pretext as a visiting salesperson. You are going to try to gain physical access to the CEO to deliver a CD with a special offer. You know the CEO is very partial to a certain charity so you developed the pretext around that. As you walk into the lobby the front desk person says, "Sorry, he is not in, you can just leave it with me." You know that if you leave the CD a greater chance exists that your "malicious" CD will never be used. You also feel he is in because you see his car in the parking lot and you know today was a normal work day for him. With those facts in mind and without wanting to embarrass the front desk person you say "Oh, he's really not? I called the other day and asked when I could visit and was told todaywas a good day. Did I mixup my days?" If you've played your cards right and your expressions are genuine, this can turn out two ways: • She may hold steady and again say, "Sorry, he's not in." • She may contradict herself (which can be a clue that she is not being truthful): "Let me check whether he is in or not." What? She went from a stem "He is not in" to "Let me check." That contradiction is enough to signal that you should dig more. What was her IVE when she did that? Did she show shame or maybe some sadness at lying? Was she angry at being caught in a lie? Was she embarrassed that she was wrong and maybe confused? You cannot automatically assume she is lying, because maybe she really didn't know, and when you rebutted she decided to reallyfind out. After she confirms whether he is in you can choose to dig a little deeper and probe more to determine truthfulness if needed. Again, playing your card of "Maybe I mixed up my days" and watching her facial expressions can be a good indicator of her truthfulness or not. If in your first go-round you saw any hints of anger, continuing to enquire can cause her to be more angry and embarrassed and end your interaction. fit this point, you may want to ask something like, "If Mr. Smith isn't in right now and I really mixed up my days or times, when can I stop in to see him? What time is the best?" This type of question allows her to save face, as well as gives you another opportunity to read some facial expressions. If you didn't notice anger but maybe saw she looked a little sad or embarrassed then you might want to respond with empathy and understanding to open her up. "I could have sworn that he said today was a good time to drop it off, but you know, my memory is so bad, my wife tells me I am getting Alzheimer's. I bought one of these smart phones, but I'll be darned if I can figure it out. I don't want to be a bother, but when can I just drop this off for him? I want to make sure it gets right into his hands." Be very observant of minor contradictions as they can be key indicators in deceit and hel p you get your foot i n the door. -- Hesitation Similarly to contradiction, you can use someone's hesitation to detect a potential untruth. If you ask a question and the answer should have come quickly from the person, but he hesitates beforehand, it can be an indication that he was using the time to fabricate an answer. For example, when my wife asks me how much my new electronic gadget costs, she knows I know the answer. A hesitation can mean either I am evaluating whether I want to answer truthfully or I might just be remembering the price. When I get a progress report from my son's school that says he missed X number of days at school and I only know about two or three valid absences, I ask him where the rest of these missed days are from. If his answer was, "Dad, don't you remember I had that doctor appointment and then you kept me home that dayto help you with that project?" Most likelythat is full-on truth because it was quick and has facts in the response. However, if he hesitates and comes back with, "Wow, I don't know—maybe the report is wrong," then noting his microexpression during his response is a good idea. Does it indicate anger, maybe at being caught, or sadness at the imagined punishment? Either way it is time for me to investigate more and find out where he was those days. -- Changes in Behavior During a discussion the target may change his behavior everytime a certain topic is brought up. Maybe you notice an expression change or a shift in the way he sits, or a marked hesitation. Al of these actions can indicate deceit. Whether these actions amount to deceit is not certain, but they should cause you to probe more on the topics being discussed in a way that does not alert suspicion. These behaviors can be signs that the person is using the time delays to generate a story recall facts, or decide whether he wants to reveal those facts. -- Scripts in the New Code People tend to have common problems, so groups of scripts have been developed to help therapists use NLP in their practice. These scripts lead the participant through a series of thoughts that help guide the person to the desired end. Ai example of one script is an outline of how to increase your sales by getting someone to start talking about their dreams. Once you have them talking about certain goals or aspirations, you can posit your product or service as answering one of the needs to reach those goals. By positively building on your product as fitting a need they have, you give your potential sale's brain a way to connect your product with positive sales. If you take time to Google much of the information included here you will see that NLP can take on a life of its own. You can take many angles and paths when studying NLP Despite all the plethora of information out there the question remains, how can a social engineer use NLP? How to Use NLP as a Social Engineer Many of the scripts and principles of NLP tend to lean toward hypnosis and similar avenues. Even though you will not use hypnosis to social engineer a target, you can use many of the principles of NLP as a social engineer. For example, NLP can teach you how to use your voice, language, and choice of words to guide people down the path you want. -- Voice in NLP You can use your voice to inject commands into people just as you would use code to inject commands into a SQL database. The way you say things is where the injection occurs; this single moment of injection is framed within regular conversation. Sometimes how you say something is more important important than whatyou say. NLP promotes the use of embedded commands to influence a target to think a certain way or take a certain action. Also, using the tones of your voice to emphasize certain words in a sentence can cause a person's unconscious mind to focus on those words. For example: For instance, ask "Don't you agree?" Instead of putting an upswing on the word "agree," like you would normally at the end of a question, put a downswing to make the question more of a command. Another one I have heard used effectively is, "My customers usually do the things I say Do you want to begin?" The way that sentence is used and surrounded by other statements can make this a very commanding statement. -- Using Ultimate Voice in Social Engineering You can master the Ultimate \£>ice but it takes lots of practice. The ability to embed commands into normal conversation is a skill that is very useful when mastered. Ultimate voice is the ability to inject commands into people's minds without their knowledge. It can sound very artificial when new people try it, until enough practice makes them sound natural. Hypnotists often use this technique like so: "You can feel yourself relaxing as you slip into calmness." This standard therapy phrase can be adapted to nearly any command you like. Put extra emphasis on the vowels in the words you want to accent—for example, "yooouurseeelf reelaaxiing." -- To conclude this section, consider three things a social engineer should focus on when studying NLP: • Vocal tones, fie stated previously the tones of your voice as well as the emphasis you put on certain words can change the whole meaning of a sentence. Using tone and emphasis, you can embed commands inside of the subconscious mind of the target and allow the target to be more open to suggestion. • Chose your words carefully. Learn to choose the words that have maximum impact. Match positive words with thoughts you want the target to think positively on and negative words with those you want them to not think of too highly. This technique can also help the social engineer make a target more pliable. • Create a list of command sentences that you can use in person or during a phone social engineering audit. Writing out and practicing command sentences will help you be able to recall and use them when in need. Most of all, practice. Controlling your vocal tones, the words you choose, and how you say them is not an easy task. Practice can make this become second nature. -- When starting an interview or interrogation here are areas to observe for changes in the subject: • Body posture: Upright, slumped, leaning away • Skin color: Pale, red, white, changes • Head position: Upright, tilted, forward/back • ^es: Direction, openness • Hands/feet: IVbvement, position, color • Mouth/lips: Position, color, turned up/down • Primary sense: Msual, aural, kinetic, feeling • Voice: Pitch, rate, changes • Words: Short, long, number of syllables, dysfunctions, pauses -- Handling Denials and Overcoming Objections Whether on the phone or in person, what is the plan of action if you are denied access to the place or information you are seeking? I like to call these conversation stoppers. People use them with salespeople all the time, "I'm not interested." "I don't have time right now." "I was just leaving...." Whatever flavor of stopper targets throw out, you must have a plan to overcome it and handle the denial of access. I like to preemptively preemptively dismiss objections if I feel the situation warrants. When I was in sales, I worked with a man named Tony who had a tactic that involved knocking on a door and introducing himself, and without pausing saying, "I know you might want to say you are not interested, but before you do, can you answer this one question: Is five minutes of your time worth $500?" At this point, the person was much less likely say "I'm not interested." By diminishing the possibility of denial and following up with a question, Tony was able to get the target to think about something else besides her objection. In a social engineering engagement you can't walk up to the security guard and say "I know you don't want to let strange people in the door but..." because it would raise way too much suspicion. Using this methodology to overcome objections is much more complexfor social engineers. You have to think about what objections might arise and organize your theme, story dress, and person to pre-empt those objections. Yet you still have to have a good answer to give for when objections come up. You can't just run out the door or hang up the phone. Agood exit strategy enables you to come back to attack later on. An exit strategy can be as simple as, "Well, ma'am, I'm sorry you won't let me in to see M. Smith. I know he will be greatly disappointed because he was expecting me, but I will give him a call later and set up another appointment." -- Keeping the Target's Attention If you handled your social engineering move correctly up to this point and you are in front of the target, then the target may start to think about what would happen if she does not allow access, take the file, or do what you are asking. You need to feed off of that inherent fear and use it to continue to move the target to your goal. Afew short statements like, "Thank you for your help. I was so nervous about this interview that I obviously put the wrong date down in the calendar. I hope that M-s. HR Manager is some place warmer than here?" Alow for a response then continue, "I want to thank you for your help. When will she be back so I can call to make another appointment?" -- Keeping the Target's Attention If you handled your social engineering move correctly up to this point and you are in front of the target, then the target may start to think about what would happen if she does not allow access, take the file, or do what you are asking. You need to feed off of that inherent fear and use it to continue to move the target to your goal. Afew short statements like, "Thank you for your help. I was so nervous about this interview that I obviously put the wrong date down in the calendar. I hope that M-s. HR Manager is some place warmer than here?" Alow for a response then continue, "I want to thank you for your help. When will she be back so I can call to make another appointment?" -- So how can you become a great listener? The following steps can help you perfect your listening skills. These tips can assist you not only in social engineering but also in life, and when applied to a social engineering audit can make a world of difference. 1. Pay attention. Give your target your undue attention. Do not fiddle with your phone or other gadget. Do not drum or tap your fingers. Try to focus intently on what is being said, looking at the person speaking. Do this in a very inquisitive way, not in a scary, "I want to stalk you" way. Try hard not to think ahead and plan your next response. If you are planning your next response or rebuttal you will not be focused, and you may miss something important or give the target the impression you don't really care. This can be very hard to control, so perfecting this tendencywill take some serious work for most people. fiiso try to not be distracted by environmental factors. Noise in the background or a small group laughing about something can shift your focus; do not allow that to happen. Finally pay close attention to what the speaker is not saying, too. The body language, facial cues, and other aspects of communication should be "listened" to intently. 2. Provide proof that you are listening. Be open and inviting with your body language and facial expressions. Nod once in a while, not too often, but often enough to let the target know you are there. You don't want to look like a bobble head doll, but you want to let the target know you are "with him." Don't forget the all-important smile. Smiling can tell the target you are with him mentally and you understand what he's saying. As with paying attention mentioned earlier, add small smiles when appropriate. If the person is telling you her dog just died, nodding and smiling will most likely get you nowhere. 3. Provide valuable feedback. Letting your personal beliefs and experiences filter the message coming your way is all too common. If you do that you may not truly "hear" what the s peaker is sayi ng. Be sure to ask relevant questions. If she is telling you about the blue sky then you say "So how blue was the sky?" will not be effective. Your questions must show you have been actively listening and have the desire to gain a deeper understanding. Every now and then mirroring or summarizing what you have heard can work well, too. Don't recite the conversation like a book report, but recapping some of the main thoughts can help the target see you are in tune with the message. 4. Do not interrupt. Not much more needs to be said on this tip. Interrupting your target shows a lack of concern for his feelings and stops the flow of thoughts. Letting him finish and then speaking is better. 5. Respond appropriately. This is the pinnacle of good or bad listening skills. If you were focused on your rebuttal or next statement, or you were thinking about the very attractive blonde that just walked by you might put yourfootin your mouth. I was once training a group of people and was telling them some aspects of very detailed manipulation tactics. I could tell two guys were not listening. I put in a random thought like, "So then you bake the lion at 350 degrees for 15 minutes til crispy." The rest of the group broke out in laughter and I turned to one of the two and said, "What do you think, John?" He responded responded with a blank stare and a stuttered, "Urn, yah, sounds perfect." Do not ever do that to a target. It is a death blow to rapport (discussed later in this chapter). Be respectful, keep your emotions in check, and respond appropriately at all times when conversing with a target. -- Aiso, remember to react to the message, not the person. If you don't agree with a person's beliefs or stance, affording him or her dignity will go a long way in making that person feel comfortable with you. Even in situations where you might not agree you can find something empathic to say. For example: Target: "This job stinks. They make me work this horrible shift and for low pay, too." SE "It sounds to me like you are overwhelmed by your situation here." /Although you might be thinking "Try Harder,"™ by responding this way you let the target know you were listening, as well as empathizing with her plight in life. This technique is known as reflective responding. Reflective responding has some basic principles to it: • Listen actively, as described earlier. • When it's time to respond, be aware of your emotions. Knowing what you feel as the target is speaking can help you to react properly. • Repeat the content, not like a parrot, but in your words. • Start your response with a non-committal phrase such as, "It sounds like," "It seems like," or "It appears that." These phrases ease the message you are trying to deliver. If you need proof of this, the next time you get into an argument with your mate, boss, parents, or whomever say, "You are mad at me because..." and compare the person's reaction with what you get when you say "It appears you are mad because of..." instead. You will see which one is taken better. Reflective responding used with active listening is a very deadly force in the trust and rapport-building skills arena. you learn to listen better and it becomes part of your nature you will enhance your ability to react to the message you hear. Asocial engineer's goal is to gather information, gain access to someplace or something you should not have access to, or cause the target to take an action he should not take. Thinking that you must be perfect at manipulation often stops people from learning and practicing great listening skills, but this is the exact reason you need to be a great listener. Consider these two scenarios: • One of your neighbors comes over and asks whether you have time to help him with a project in his garage for about an hour. This neighbor has a dog that has gotten into your garbage a few times and tends to like to use your yard as a bathroom. You are just about to sit down to relax at the end of a long day and watch some TV or read a book. • Your childhood friend comes over and tells you that he needs some help moving some furniture. He just got a place about five miles from you and he can't get the couch up the stairs. You are just about to sit down to relax a bit. For which scenario are you more likely to put aside relaxing? Most people will put aside relaxing for the second scenario, but will come up with an excuse or reason to not help out in the first scenario or at least try to postpone it to another day when they are not "busy." Why? People are very open and free with friends. When you feel comfortable with someone, you have no boundaries and will put aside your own wants and needs at times to help them out. One naturally trusts the message coming from a friend, whereas with the stranger one might start to double-guess what's being said, trying to determine whether it is truthful or not. In the case of the relationship with the friend, this connection is called rapport. For years rapport has only been talked about when it comes to salespeople, negotiators, and the like. Rapport isn't just for salespeople; it is a tool that anyone can use, especially the social engineer. If you are wondering how to build rapport instantly, then read on. -- Building Instant Rapport IvV former coworker, Tony, used to say that building rapport was more important than breathing. I don't really believe that to be true, but it does have a ring of truth in that rapport building is vital. Wikipedia defines rapport as, "One of the most important features or characteristics of unconscious human interaction. It is commonality of perspective: being 'in sync' with, or being 'on the same wavelength' as the person with whom you are talking." Why is rapport discussed in this chapter? It is a key element in developing a relationship with any person. Wthout rapport you are at an impasse. Within the psychological principles behind social engineering, rapport is one of the pillars. Before getting into the aspects of how to use rapport as a social engineer you must know how to build rapport. Building rapport is an important tool in a social engineer's arsenal. Imagine that you could make people you meet want to talk to you, want to tell you their life story and want to confide in you. Have you ever met someone like that, someone you met recently but feel totally at ease telling him or her very personal things? Many psychological reasons may play into why that maybe the case, but the case maybe that you and that person just had good rapport. The following sections outline important points about building rapport and how to use rapport in social engineering. -- Be Genuine about Wanting to Get to Know People How important are people to you? Do you enjoy meeting new people? It is a mindset about life, not something that can be taught. The prerequisite to building rapport is liking people. People can see through a fake interest. To be a good social engineer and to be able to use rapport, people need to be important to you. You must like people and enjoy interacting with them. You have to want to learn about people. People can see through fake smiles and fake interest. Developing a genuine interest in your target can go a long waytoward building rapport. Take Care with Your Appearance You cannot change some things that may affect your interaction with others. Unfortunately people can still hold your skin color, gender, or age against you before you facilitate any interaction. You can't control those things, but you can control aspects of your appearance such as clothing, body odor, and cleanliness, as well as your eye contact, body movements, and facial expressions. I read a statement once that I have seen proven true too many times to ignore: "If a person is not comfortable with himself, others will not be comfortable with him either." Be aware of your pretext and your target. If your pretext is the janitor, make sure your demeanor, dress, attitude, and words reflect someone in that position. If your pretext is a manager of a business, then make sure you act and dress appropriately. This takes research but nothing kills rapport easier than not looking the part. Your goal in some instances is to keep people in the autopilot mode that will let them not question you. Having your dress, grooming, or demeanor out of place removes the target from autopilot and hurts your chances at success. Be a Good Listener See the earlier section for more details. The importance of good listening can't be overstated. Whether you are trying to make a friend or make a social engineering move, listening is a skill you need to master. Be Aware of How You Affect People One time I saw an older woman drop an item as she left a grocery store. I picked it up and followed her out to the parking lot. By the time I caught up with her she had her trunk open and was loading groceries into her car. I came up behind this short, little elderly woman and with all 6' 3" of me looming over her said, "Excuse me, ma'am." I was obviously too close for her comfort and when she turned around she screamed out, "Help! He's trying to mug me. Help!" I obviously needed to think about how my presence might affect this woman during my interaction with her. I should have realized that an elderly woman all alone in a parking lot who was not expecting a huge man to walk up behind her might freak out. I should have come around and approached her from a different angle. Be aware of how your appearance and other personal aspects might affect those you will be in contact with. Do you need a breath mint? Make sure no food is on your face or in your teeth. Try to be relatively sure that nothing is glaring in your personal appearance that will turn the person off. UCLAProfessor of Psychology fiibert Ivtehrabian is known for the 7-38-55 Rule, which states that statistics show that only 7% of normal communication is the words we say whereas much more lies in the body language and vocal tones. Try to be aware of yourself, but also pay attention to the first few seconds of interaction with a person. His or her reaction to your approach can tell you whether you possibly missed something, or whether you need to change something to be more effective. a social engineer, be aware of how you affect people. If your end goal is all that is on your mind you will affect the people you come into contact with negatively Think about how your appearance, words, and body language may affect your target. You want to appear open and inviting. Keep the Conversation off Yourself We all love to talk about ourselves and even more so if we feel we have a great story or account to share—it is human nature. Talking about yourself is one way to kill rapport. Let the other person talk about himself until he gets tired of it; you will be deemed an "amazing friend," a "perfect husband," "great listener," "perfect sales guy" or whatever other title you are seeking. People feel good when they can talk about themselves; I guess we are all a little narcissistic, but by letting the other person do the talking you will leave that interaction with his liking you a lot more. Keep the conversation off yourself. This point is especially cogent for social engineers. You have a definite goal in mind and sometimes your judgment and direction can be clouded by what "you" want. Taking that focus off of the target is dangerous as far as success goes. Let targets talk about their jobs, roles, and projects, and be amazed at how much information they release. Remember That Empathy Is Key to Rapport Empathy—defined byRandom House Dictionary as "the intellectual identification with or vicarious experiencing of the feelings, thoughts, or attitudes of another"—is lacking in many people today and is especially hard to feel if you think you have the solution to someone's problem. However, really listening to what someone is saying, trying to identify and understand the underlying emotions, and then using reflection skills can make a person feel as if you are really in tune with him. I felt it necessary to provide the definition of empathy because understanding what it is you have to do is important. Notice that you must "intellectually identify' with and then experience "the feelings, thoughts, or attitudes" of someone else. These aren't always serious, depressing, or extreme emotions. Even understanding why someone is irritated, tired, or not in the best mood can go a long way. Imagine you go to the bank drive through and the teller lady gives you a monster attitude because you forgot to sign your check and she now has to send it back. You also forgot a pen and need to ask her for yet another favor. Your reaction might be similar to mine, especially if she gave you the eye roll and the irritated glance—you want to tell her that she is here to serve you. Instead, try saying this, "It appears you might be a little irritated. I understand that; I get irritated when I have to deal with my forgetful clients, too. I hate to ask this, but could I please get a pen?" It's important to not be patronizing when attempting to show empathy If your empathy seems to come off haughty or arrogant, you can make the target feel like you are patronizing them. You acknowledged her being upset but without accusation, showed that you have the same feelings, and then made a request. Empathy can go a long way toward building rapport; one caveat is that rapport cannot be faked. People need to feel you are genuinely concerned to build that trust relationship. If you are not a natural at displaying empathy then practice. Practice with your family friends, coworkers, teachers, or classmates. However and wherever you do it, practicing being empathetic will greatly improve your relationship-building skills. Empathy is a tool of the social engineer. Unfortunately it is also used often in malicious social engineering. When a catastrophe hits somewhere in the world a malicious social engineer is often there to "empathize" with you. The thing that probably makes this tool so easy for malicious social engineers to use in many cases is because they truly are from bad, poor, or impoverished places. Being in bad straits themselves makes appearing empathetic to others' plights in life easy and therefore creates rapport easily. -- Be Well Rounded in Your General Knowledge Knowledge is power. Don't neglect reading, researching, and studying about the topic of the target's occupation or hobbies. -- Develop Your Curious Side People normally feel a little self-righteous when it comes to their beliefs or thoughts on the way things should be done. That self-righteousness or judgmental attitude can change the way a person reacts to something being said. Even if you don't say anything you may start to think it, which can show in your body language or facial expressions. Instead of being self-righteous, develop a curiosity about how other people think and do things. Being curious keeps you from making rash judgments. This can be applied by being humble enough to ask for help or ask for more information. Be open minded enough to look into and accept another's thoughts on a topic, even if those thoughts differ from yours. Curiosity did not kill the social engineer. This point doesn't change much from a non-social engineer perspective. When you become curious about others' lifestyles, cultures, and languages you begin to understand what makes people tick. Being curious also keeps you from being rigid and unbending in your personal judgments. You may not personally agree with certain topics, beliefs, or actions but if you can remain curious and nonjudgmental then you can approach a person bytrying to understand why he is, acts, or portrays a certain way, instead of judging him. Find Ways to Meet People's Needs This point is the pinnacle of the list and is one of the most powerful points in this book. Dr. William Qasser wrote a book called Choice Theory in which he identified four fundamental psychological needs for humans: • Belonging/connecting/love • Power/significance/competence • Freedom/responsibility • Fun/learning The principle behind this point is that creating ways for people to get these needs met by conversing with you builds instant rapport. If you can create an environment to provide those needs for people, you can create bonds that are unbreakable. -- Spies use this principle of filling a need or desire often. In a recent trip to a South American country I was told that its government is infiltrated all the time via fulfilling the basic need of "connecting or love." A beautiful woman will be sent to seduce a man, but this is no one-night stand. She will seduce him for days, weeks, months, or even years. As time continues she will get bolder with her requests for where they are intimate, eventually making their wayto his office, where she gains access to plant bugs, Trojans, or clone drives. This method is devastating, but it works. Social engineers fill desires through phishing emails also. In one test 125 employees of a very reputable company were sent fake image files labeled BritneyNaked.jpg, MleyCyrusShowering.jpg, and other such names, and each image was encoded with malicious code that would give the social engineer access on the user's computer. The results were that more than 75 percent of the images were clicked. What was found was the younger the star mentioned in the picture, the higher the click ratio. These disgusting and devastating facts show how well fulfilling people's desires can work. In person, too, it is no different. Police interrogators use this tacticfor building rapport all the time. The guest told a story that proves this point about the power of rapport to make people comply with requests. The officers had arrested a man who was a peeping torn. He had a fetish where he loved to invade the privacy of women who wore pink cowboy boots. The law enforcement, instead of judging him for the freak he is, used phrases like, "I like the red ones myself," and "I saw this girl the other day wearing short shorts and high cowboy boots, wow!" Affer just a short time he began to relax Why? He was among likeminded people. He felt connected, part of the crowd. Their comments put him at ease and he began to spill his guts about his "habits." The preceding is a nice example of how to develop and build rapport, but how can you use it as a social engineer? You can build rapport in a matter of seconds by applying the principles of building rapport discussed earlier. -- The Five Fundamentals of Influence and Persuasion The five fundamentals of persuasion are crucial in obtaining any type of successful influence upon a target: • Setting clear goals • Building rapport • Being observant of your surroundings • Being flexible • Getting in touch with yourself Have a Clear Goal in Mind Not only should you have a clear goal in mind, you should even go so far as to write it down. Ask yourself, "What do I want out of this engagement or interaction?" As I discussed in Chapter 5, especially in relation to NLP, a human's internal systems are affected by his thoughts and goals. If you focus on something, you maybe more likely to become it or get it. This doesn't mean that if you focus on the thought of getting one million dollars, you will get it. In fact, it is unlikely However, if you had a goal of making one million dollars and focused on the steps needed to make that money your goals, education, and actions would increase the likelihood of you achieving that goal. The same is true with persuasion. What is your goal? Is it to change someone's beliefs? To get him to take an action? Suppose a dear friend is doing something terribly unhealthy and you want to try and persuade her to stop. What is the goal? Maybe the end goal is to persuade her to stop, but maybe little goals exist along the way Outlining all of these goals can make the path to influencing that person clearer. Mer setting the goal, you must ask yourself, "How will I know when I have gotten it?" I once listened to a training program offered by Jamie Smart, one of the world leaders on NLR and he asked each person in the classroom these two questions: • What do you want? • How will you know when you have it? Pt this point, I paused the CD for the first question and answered for myself out loud what I wanted from this course. Then I pressed Play again and when he asked that second question, "How will you know you have gotten it?" I paused the CD again and was lost. It was clear to me that I didn't have a roadmap. I knew what I wanted out of that course, but I didn't know how to gauge when I had gotten it. Knowing what you want out of your engagements is an important aspect of influence and persuasion tactics. When you approach a target knowing what your goals are and what the indicators are that you are getting what you want, then you can clearly identify the path you need to take. Clearly defined goals can make or break the success of the influence tactics used by a social engineer as well as make the next step much easier to master. Rapport, Rapport, Rapport Chapter 5 has a whole section on rapport building. Read it, study it, and perfect your rapport-building skills. Developing rapport means that you get the attention of the person you are targeting and his unconscious mind, and you build trust within that unconscious portion. Mastering the skill of building rapport can change the way you deal with people, and when it comes to social engineering, it can change your whole methodology. To build rapport, start where the person you want to influence is mentally —try to understand their frame of mind. *e they suspicious? /Ve they upset, sad, or worried? Whatever emotional state you perceive them to be in, start from there. Do not focus on your goals as much as focusing on understanding the person. This is a very vital point. This means a social engineer must understand his target enough that they can imagine where theyare consciously. What are the target's thoughts and state of mind? For example, imagine you want to influence your dear friend to want to quit smoking or doing drugs or something else. Notice you don't want to convince her to quit, but convince her to want to quit. Your goal cannot be about you, right? It must focus on the target. You can't start your conversation with what her addiction is doing to you and how much you hate the smell, and so on. The argument has to be what is in it for her. You cannot start the conversation with a verbal attack about what the person has done to you with their habit, but you need to understand where that person's frame of mind is, accept it, and come into alignment with it. Social engineering is much the same: you can't start where you are mentally. This is going to be struggle for many people. Do you know why she smokes? Do you understand the psychological, physical, or mental reasons why? Until you can really get into her shoes, you cannot build a strong rapport and your efforts at influence will fail. In addition, you cannot always base the idea of building rapport on logic. I once was in the hospital with a dear friend who was dying from throat cancer. He had smoked for more than 40 years and one day he found out he had cancer. It spread fast, bringing him to the hospital to live out his last days. His children would come to visit and every now and then they would leave the room. I thought they were overcome with emotion. One time after they excused themselves I went out to comfort them and they were outside the hospital smoking! I was dumbfounded. I don't smoke and have no desire to, and although I can understand how strong an addiction can be, I couldn't understand how after seeing the pain their father was in, how they could raise a cigarette to their lips. Getting someone to want to do something is a blend of emotion and logic, as well as understanding and humility in many cases. Once I walked into an office I was going to do some work for and I had heard a funny comment outside, so when I walked in the main lobby I was chuckling. The woman behind the desk must have just done something embarrassing because when she saw me she immediatelygot angry and yelled at me, "It's not veryfunnyand you are a jerk." Now I didn't know this woman and to tell you the truth I had a goal in mind that this interaction was not going to help. In addition, I felt insulted that she assumed I was laughing at her, and wanted to lash back at her. But instead, I saw she was upset. I got close to the counter so as not to embarrass her anymore, I looked her in the eye, and with sincerity said, "I am so sorry if you thought I was laughing at you. I was in the parking lot and some of your workmates were telling a story about a party oyer the weekend and I thought itwas veryfunny." She looked at me and I could tell she was now even more embarrassed, so to save face for her, I loudly said, "Ma'am, I am sorry for laughing and embarrassing you." This allowed her to save face to those around us. She understood that I "took one for the team" and she responded with extreme kindness. Aminute later she apologized and it worked to my benefit as I was given all the data I asked for, data I normally would have had to work very hard to get. Ateacher I had once used to tell me to "kill them with kindness." That is a pretty powerful statement. Being kind to people is a quick way to build rapport and to establish yourself in the five fundamentals of persuasion and influence. One method to influence people using kindness and rapport is to ask questions and give choices that lead them to a path you want. For example, once I was influenced to take a job I really didn't want as part of a team effort. The team leader was very charismatic and friendly and had the "charm factor" that allowed him to speak to anyone. He approached me and said, "Chris, I wanted to talk to you separately from the team. I need a right hand for a small project. But the person needs to be a go-getter, self motivated. I think this is you, but I don't want to assume; what do you think?" I was excited and flattered by the compliments and the potential to be "important," so I responded, "I am a very self-motivated person. Whatever you need, tell me." The team leader continued, "Well, I am a big believer in leading by example. And I think you have that leadership quality The problem is, some on the team do not, and they need a strong person to show them how it is done." Before the end of the conversation, what he wanted appeared as if it was my idea, which made it impossible to back out of. Powerful indeed, and all started with the power of persuasion. Be in Tune with Yourself and Your Surroundings Being aware of yourself and your surroundings, or sensory acuity, is the ability to notice the signs in the person you are targeting and yourself that will tell you that you are moving in the right direction or not. Many of the principles discussed in the previous chapter apply to persuasion. Reading body language and facial signs can tell you much about your influence on the person. To really master the dual art of influence and persuasion, you have to become a master watcher and master listener. [24/06 ÖÖ 10:37] Mehmet: -- I found, for myself, the ability to be observant proved to be easier for me after receiving some training from Dr. Ekman in microexpressions. I found afterward that not only did I become much more aware of what was going on with those around me, but also myself. When I felt a certain expression on myface, I was able to analyze it and see how it might be portrayed to others. This recognition of myself and my surroundings was one of the most enlightening experiences of mylife. NLP experts promote minimizing your internal dialog when trying to influence others. If you approach the target thinking about the next stage of the attack, the end goal, or comebacks for potential conversation stoppers, that internal dialog can cause you to miss a lot of what is going on around you. Being observant takes a lot of work but the payoff is well worth it. Don't Act Insane—Be Flexible What do I mean by not acting insane and being flexible? One definition of insanity that's been floating around for years is "doing the same thing over and over and expecting different results." Being willing and abletoflexis one of the keys to persuasion. You can think of this flexibility in terms of physical things. If you were tasked to persuade or bend something, would you rather it be a branch from a willow tree or a steel rod? IVbst people would say the willow branch because it is flexible, easier to bend, and makes the task
1 sonraki yanıtı göster
Yorum yapabilmeniz için giriş yapmanız gerekmektedir.