Being aware of how attackers use pretexting to gather information, you need to write a policy describing the procedures our fictitious company will use to verify the identity of those requesting information.
Part A:
Using ONLY your readings for this week as well as the videos and supplemental reading on how attackers use pretexting to gather personal information, what specific items do you think should be considered in writing a policy for identity verification?
Part B:
Write a policy describing the procedures your fictitious company will use to verify the identity of those requesting information. Be sure to include all the various means of communication within your company: in-person, via telephone, and via e-mail. Do not forget that the policy should take into consideration the unique features of your scenario as well as your answers to Part A.
Chapter 3
Profiling People Through Communication: (or Using Your Words Against You)
To effectively communicate, we must realize that we are all different in the way we perceive the world and use this understanding as a guide to our communication with others.
—TONY ROBBINS
When I wrote Social Engineering: The Art of Human Hacking (Wiley, 2010), I spent some considerable time talking with Chris Nickerson, owner of Lares Consulting, about communication modeling. He is quite skilled and has a deep understanding of the topic.
He really helped me to delve deep into the topic and understand some of the ways communication is used by social engineers. At the end of the day, I can boil down communication modeling to the following key points:
There is always a source.
There is a message.
There is a channel.
There is a receiver.
If you are missing one of these, you don't have communication. Whether you look at the Shannon-Weaver model or Berlo's Sender-Message-Channel-Receiver (SMCR) model of communications, they have similar principles.
Regardless of which one you are familiar with, one of the things I've learned over the years is that the exact model you use really doesn't matter. I know, I know—some of you are probably ready to start burning this book in the streets, but here is why I say this.
If you apply this book's principles regarding rapport, influence, communication profiling, and so on, and the person you are communicating with is receiving the message, it will work. If you use these principles the way the person you are communicating with wants to be communicated with, communication will go exactly how you want it to go.
EXTRA INFO
In 1947, Claude Shannon and Warren Weaver developed the Shannon-Weaver model of communication, which was also called “the mother of all models.” Fifteen years later, David Berlo expanded on that model and created the SMCR communication modeling tool. Later, D. C. Barnlund combined and simplified these tools, making a communication model that most of us are familiar with today. Barnlund’s theory is included in Communication Theory, Second Edition (Routledge, 2008) as Chapter 4, “A Transactional Model of Communication.”
Here is the reference: https://www.taylorfrancis.com/books/e/9781351527538/chapters/10.4324%2F9781315080918-5
Yes, I realize this is a bold claim, and I don't mean that it's as simple as 1 + 1 being equal to 2.
It can be complicated. Oftentimes, we get in our own way. For example, I am a very direct communicator. Because of this, I don't mind someone telling me when something I did wasn't the best—the key is that you need to tell me how to improve. I also tend to communicate that way with others, which can cause a lot of problems when I am communicating with a person who doesn't like directness.
It's not easy to just switch your communication profile on the fly, although it's easier for some people than for others. The challenge occurs when we get comfortable and relaxed because our brains trigger all the same chemical reactions we want in our targets, and those same reactions can cause us to slip back into our “comfort zone.”
Let me illustrate it this way: Do you remember as a young adult (or a full-grown one) the first time you tried something new? A new type of food, let's say. Since my kids were small, my wife and I encouraged them to always try something at least once. They didn't have to like it or finish it, but we said you can't make a judgment if you don't try it.
One year, we traveled to Hong Kong as a family. We went into a restaurant, and my daughter spotted an item on the menu that intrigued her—it was labeled “Whole Pigeon.” She asked me if she could try it. My first inclination was to say, “Really, those nasty birds?” But I quickly recalled our practice of encouraging the kids to try new things.
My daughter ordered the pigeon, and then she looked at me and said, “Well Dad, what new thing are you gonna try?” I had always been intrigued by sea cucumber, although I'm not sure I had ever wanted to eat it. Sounds harmless right?
Figure 3-1 shows my daughter chowing down on her pigeon, but I don't have an image that shows you what happened when I ate a sea cucumber. They are basically giant slugs that live in the ocean, so use your imagination.
Figure 3-1 And yes, the pigeon's head was included.
What does this anecdote about my family's eating habits in Hong Kong have to do with communication modeling? Well, as soon as I tasted the thing that was uncomfortable for me (and quite disgusting, in my opinion), I went looking for something very, very “American.” Why? It was familiar and comfortable.
Communication is much like this. The first time you step out of your comfort zone to try something new, you might be uncomfortable and want to retreat to your comfort zone, especially if the experience is not amazing. It is important to not stay in your comfort zone, though. The more you try something, the greater likelihood it has of becoming part of your arsenal of tools.
Chapter 4
Becoming Anyone You Want to Be
Everything you can imagine is real.
—PABLO PICASSO
If I could, I would have this chapter open with the Mission: Impossible theme song, but sadly we haven't figured out how to embed music into the pages of a book. But at least I have you thinking about that catchy tune, which is fitting for this chapter.
Becoming anyone you want to be—which in social engineering is called pretexting—sounds super sexy. Some people define pretexting using words like lie, falsehoods, and other negative terms. However, I like to define pretexting in more general terms. The way I explain it in The Social Engineering Framework on my company's website (www.social-engineer.org/framework/influencing-others/pretexting) is this:
Pretexting is defined as the practice of presenting oneself as someone else in order to obtain private information. It is more than just creating a lie; in some cases it can be creating a whole new identity and then using that identity to manipulate the receipt of information. Pretexting can also be used to impersonate people in certain jobs and roles that they never themselves have done. Pretexting is also not a one-size-fits-all solution. A social engineer will have to develop many different pretexts over their career. All of them will have one thing in common: research.
In one job, I had to break into seven different warehouses, and I decided to pose as a fire extinguisher inspector. In another job, we had to gain entry to the C Suite and the mail room of a company, so I pretended to be a pest control serviceman. For yet another job, I had to gain access to the security operations center (SOC) and network operations center (NOC), so I started off as an interviewee for a job, but after I gained access to the building, I had to switch to something else—so I posed as a manager from out of state. I've also presented myself as the head of human resources (HR) and a phone support rep. I could go on and on, but you get the idea: I've played lots of different roles.
The point is that there is no such thing as one pretext that fits all situations, and that is why this chapter is so important. I spend most of the chapter talking about the principles of pretexting and how you can apply them to any situation, whether you are social engineering via phone, email, social media, or in person. I take you through one job that I feel helps truly explain all these principles.
The following are the principles I discuss in this chapter:
Thinking through your goals
Understanding reality versus fiction
Knowing how far to go
Avoiding short-term memory loss
Getting support for pretexting
Executing the pretext
Pretexting can be one of the most fun parts of the job, but it can also be one of the most dangerous. If you do not apply these principles, there can be drastic consequences. I will tell you stories of both successes and failures when it comes to pretexting.
Knowing how to pretext is vital if you want to have a career as a professional social engineer. It can truly make the difference between success and failure on the job.
The Principles of Pretexting
Before I delve into each one of the principles, I want to discuss a technique that has helped many aspiring social engineers: method acting or improvisation (aka improv).
Many cities offer method acting or improv classes that anyone can attend for a couple weekends. Many of the tips I give you in this book are covered in those kinds of classes, but the classes can give you something that a book can't help you with: experience.
A method acting or improv class can help you learn to step out of your comfort zone, get into character, and learn what is needed to successfully plan and execute pretexts in the wild. However, not everyone reading this book will be able to find a local class. No worries: you can purchase a DVD called Uta Hagen's Acting Class from Amazon.com (www.amazon.com/Uta-Hagens-Acting-Class-DVDs/dp/B0001Z3IHG). You can also find the video by searching YouTube. This excellent resource takes you through the steps of pretexting and getting into character.
However, even with a good acting class or video, you still need to know the six best tips for learning to pretext. Let's get started with the first one.
Principle One: Thinking Through Your Goals
Fire extinguisher inspector, pest control serviceman, HR manager—these are just a few of the pretexts I mentioned that I have used. How did I go about determining which one to use at each location or target?
It all starts with OSINT, where I dig into the details of the person or company and look for relevant stories, news, hobbies, likes, dislikes, events, and so on (and which I cover in more detail in Chapter 2, “Do You See What I See?”). These significant bits of data can tell me a lot about which pretext I should focus on. But there is one other key piece of information that will determine which pretext jumps out of my arsenal into action: the goal. Understanding what it is I am trying to accomplish is more important than just understanding the business I am trying to infiltrate. Let me illustrate by telling you a story that I call “The 18th-Floor Escapade.”
I was hired to gain entry to the 18th floor of a secure building. The building was owned and operated by a property management company that was not my client (a company that produces online audio content). The only floor I was allowed to gain access to in this test was the 18th. Generally, this company does not allow walk-in appointments. The elevators were key-carded. And corporate headquarters was in another state.
During the OSINT phase, my team had found very little about the names and identities of the client company's employees who worked inside the target building. However, we did find the name of one of the company's managers as well as some of the content that manager produced there. Additionally, we located some documents on a file server that the company didn't intend to be public: a safety checklist, some internal communications newsletters, marketing material about upcoming projects, and a few other miscellaneous documents.
Chapter 5
I Know How to Make You Like Me
Rapport is the ability to enter someone else's world, to make him feel that you understand him, that you have a strong common bond.
—TONY ROBBINS
OilHater was the nickname of a person who truly hated the oil industry. This man, who was very educated and well spoken, articulately explained on blogs and forums how awful fracking was to the environment and how it was going to ruin the earth for future generations. As his posts gained popularity and he gained a following, more and more anger was evident in his posts.
NOTE
Names in this example have been changed for security.
After months of building his reputation, OilHater started to threaten violence. Posts started to discuss how blowing up fracking stations might be the way to go to stop these heinous attacks on Mother Nature. He even mentioned a few fracking stations in certain areas of Texas that he would like to target.
At this point, Paul started appearing in forums all over the Internet that spoke about the dangers of fracking. Paul was a concerned father of two young kids. A huge oil company started fracking in his area, and he wanted to know how to protect his kids from any potential harm.
The forum was full of helpful people who offered Paul advice on what to do and how to protect his family from damage to water sources and soil. Paul kept posting to the forums, asking questions that an unknowledgeable person would ask.
One day, OilHater answered a message from Paul with extensive knowledge, even correcting a few erroneous posts from other forum members. Paul thanked OilHater for helping him work through some of the confusing information he had received from multiple posters. Paul then complimented OilHater's knowledge by asking if he worked for the oil industry because he seemed to know so much about it.
OilHater explained that he was just a very concerned citizen who had spent hours educating himself on the damage the oil industry was doing. Paul asked if he could private message OilHater with some personal questions. During that private conversation, Paul shared with OilHater that he was from Texas and that he was very curious about that area and asked if it was as dangerous as OilHater had mentioned in his previous answers.
OilHater chimed right in and knew all about that area and how dangerous it was. Paul continued to probe about what could be done. It seemed that as OilHater got angrier, Paul became angrier. Paul continued to treat OilHater as the expert on these matters and continued to ask questions.
Paul grew outraged that there was nothing that could be done to stop the fracking operations and save his children. He jokingly said in one conversation, “It seems like the only way to stop them is to blow them off the face of the earth. Too bad we can't.”
OilHater replied, “Don't be so sure.”
Paul enquired what OilHater meant by that, but OilHater went silent for a bit. Paul continued to post on the forums about how upset he was and that the area where he lived in Texas was under siege by the oil industry.
After about a week, OilHater sent a private message to Paul, saying that he had a plan to help stop fracking and that it would help Paul's kids. Paul excitedly replied that he wanted to help but wasn't sure what he could do.
OilHater told him that he had a plan but wasn't sure Paul would want to help. He then said, “It might be dangerous.”
Paul said something like “I might need to take on some danger to save my kids. What do you have in mind?”
OilHater said, “Sometimes our hands have to get dirty to clean up a mess. Do you agree?”
Paul replied, “I get that. I just don't want my kids to end up with cancer or worse, and those crooks are making millions and don't care about the suffering of us little guys.”
OilHater replied, “Do you remember how you said once that the only way to stop them would be to blow them off the face of the planet? We are going to make sure they can't frack for a while.”
Paul said, “I'm curious now. I've never done anything like this, but my kids deserve better. What do you think we can do?”
OilHater said, “Are you familiar with Peg's Diner downtown?”
Paul replied, “Yes, I go there often.”
OilHater said, “Can you meet me there Thursday night at 7:30 p.m.?”
Paul answered, “Yes, sure. But how will I know who you are?”
OilHater said, “Come to the diner and sit in a booth in the far back corner. Wear a baseball cap. I will approach you.”
Paul put up some resistance at this point and said, “I'm sorry, but that seems a little weird. Can I just get your name? My full name is Paul Wilcox, and I live at 123 Main Street. I just want to know who I'm dealing with.”
“Sure, sorry for being so secretive,” OilHater replied, “I'm just used to being anonymous online. I'm Robert Moore. I'll meet you at Peg's at 7:30 in that booth.”
At 7:30 that Thursday night, Robert was met not by Paul Wilcox but by a member of law enforcement who ensured his plans could not come to light.
If you haven't guessed by now, I was Paul Wilcox. This three-and-a-half-week project defines the very essence of what this chapter is about: how building rapport with your targets can get them to trust you. For the rest of this chapter, I will refer to this as Operation Oil.
This chapter is based on the 10 principles that Robin Dreeke outlines in his 2011 book, It's Not All About “Me”: The Top Ten Techniques for Building Quick Rapport with Anyone. Although Dreeke was writing about everyday communications, I will show you how you can apply these principles to social engineering as well.
Before I get started with the 10 principles, I need to talk a little about something I did in Operation Oil that allowed me to start building rapport. It's something so basic but so profound that if you do not do this, you will most likely fail.
The Tribe Mentality
As a social engineer, you must establish that you are a part of the target tribe before you can even begin building rapport. A tribe is simply what identifies a certain group—maybe it is a style of clothing, a group task, an attitude, or shared interest. The commonality among the members of the group creates the “tribe.” To establish yourself as part of a tribe, you need to figure out what aspects you need to mirror to become part of that tribe.
It might be easy to imagine how this works if you think back to high school. The clothing you wore quickly identified you in the tribe.
There's a video titled “The Tribe Mentality – THE BYSTANDER EFFECT” (https://vimeo.com/265364702) that demonstrates how important being part of
https://www.social-engineer.org/framework/influencing-others/framing/
https://www.discprofile.com/what-is-disc
https://www.123test.com/disc-personality-test/index.php
https://www.youtube.com/watch?v=22ITGlMO6Rc
https://www.youtube.com/watch?v=4rDTnRGmVBs