Social Engineering Buchzusammenfassung - das Wichtigste aus Social Engineering

Einleitung anhören

00:00

Zusammenfassung von Social Engineering

Name: Social Engineering
Rating: 4.2 (97 reviews)
Author: Christopher Hadnagy

Christopher Hadnagy

The Art of Human Hacking

4.2 (97 Bewertungen)

19 Min.

Kurz zusammengefasst

Social Engineering by Christopher Hadnagy is a guide to understanding and defending against social manipulation. It explores techniques used by social engineers to deceive and influence individuals, providing insight and practical advice for protecting oneself and one's organization.

Themen

Manipulation Strategie

Inhaltsübersicht

Social Engineering
in 8 Kernaussagen verstehen

Audio & Text in der Blinkist App

Kernaussage 1 von 8

What’s in it for me? Learn the tricks and methods used by scammers, and how to steer clear of them.

Have you heard of the e-mail from a Nigerian prince asking for help retrieving an inheritance in exchange for money? Or have you seen the movie The Sting and been amazed at how the two main characters can fool virtually anyone? You might have asked yourself if people really can pull off these sorts of schemes. Do people really fall for them? The clear answer is yes, but the real question is: why?

Social Engineering is a whole category of knowledge and skills that can make us vulnerable to scammers. Most of the time, we don’t even know that it’s happening. Social Engineering is more than just an inherent skill of sweet talking and social adeptness; it’s a whole science that is used by scammers, as well as the very people who try to prevent scammers.

In these blinks, we will take a close look at the foundations of Social Engineering, how it works and the techniques that it entails.

In these blinks, you’ll discover

how a website about stamp collecting opened up a security gap;
how 734,000 social media users all chose their first name as their password; and
why a picture of your children could make you vulnerable to Social Engineering.

Social engineering is a way to gain influence over others without them knowing.

Have you ever been persuaded into buying something only to realize later on that you don’t need or want whatever you’ve bought? If so, you’re not alone. Most of us have been brought under the influence of some social engineering tactic at one point or another.

Social engineering is a set of psychological tricks that exploit human vulnerabilities to influence a target’s actions. These tricks can manifest themselves as spoken language, body language and hidden suggestions.

Governments, salespeople and law enforcement officers are deeply familiar with these tactics, but the fact is that we all use social engineering, even with our friends, family and co-workers. For example, when a kid says “I love you, Mommy. Can I have a puppy for my birthday?” they are using social engineering to influence their parent.

Of course, social engineering isn’t only about short-term gain; it can actually be used to do great harm to people. Scammers and con artists, for instance, use social engineering to manipulate their targets and compromise security systems.

If you want to install malware onto a company’s server, you could go in guns blazing and fight your way to the server room. But that’s messy. A social engineer will instead do something like disguise themselves as an IT specialist and prepare a convincing story to get past security.

Once inside, they’re free to do what they want and no one will be the wiser. As far as the security guard knows, the “IT person” was just doing their job.

But no one wants to be conned like this. Luckily, we can protect ourselves with a solid understanding of how social engineering works.

Security auditors, like the author, are hired to play the role of malicious social engineers to test a client’s security system by performing authorized penetration tests, or pentests for short, which are basically fake social engineering attacks. The client, of course, doesn’t know when, where or how this will happen.

Gathering information is the first important step in a fake or real social engineering attack.

Whether you’re a security auditor or a criminal social engineer, before you plan an attack, you need to know your target. The more you understand your target, the more you’ll know how to influence them, and the more effective your plan will be.

Start by creating a profile of your target. A good place to start is on the internet: certain websites allow you to track a person’s e-mail address, phone number and even her IP address, while social media can also be a great resource. Be diligent! Even a minor detail can prove valuable.

Attackers create undercover pretexts and identities tailored to gain access to their targets.

Imagine you’re a detective about to go undercover. Would you use your real name, address and backstory? Of course not! You’d create a backstory and alias, and use everything you know to design a solid plan to go undercover.

It all starts with a pretext, that is, a scenario that makes your target feel comfortable doing something they normally wouldn’t. This is why it’s so important to gather good information about your target in the beginning: the better your information about them, the more convincing the pretext will be.

Building a connection and rapport with targets makes them susceptible to your suggestions.

People like to be liked, a fact social engineers know well. They also know that people who like you will do things to earn your affection. But how do you get complete strangers to like you immediately?

Start by making the target feel like you have good chemistry and rapport. One way to do this is by making the conversation about the target. After all, everyone loves to talk about themselves!

Social engineers are experts at reading microexpressions.

Think of all the white lies you’ve ever told. Do you think people knew you were lying? Probably. But it’s not because they were listening carefully to the logic of your fib; rather, they probably read it on your face.

Our faces tend to reveal our emotions involuntarily. These microexpressions flash by in less than a second, but are nonetheless unmistakable.

Social engineers use Neuro-linguistic programming to talk the target into doing what they want.

Con artists are well known for their ability to talk anyone into doing anything. Many chalk this up to a natural born talent for sweet talking, but there is an actual science behind it. In this blink, we’ll examine one such science: Neuro-linguistic programming.

Neuro-linguistic programming, or NLP, is a mode of communication that focuses on the way people think and experience the world.

Social engineers use both physical and online tools to infiltrate and gather information.

Sometimes social engineers are confronted with a challenge that requires more than just sweet talk: locks. But no lock, be it physical or digital (in other words, password protection), is insurmountable.

If you want to open up a physical lock to access personal files or other data, you’ll first need certain tools.

Learn to identify social engineering tactics and be aware of the valuable information you release.

Social engineers combine all these tactics and tools to manipulate their targets without them ever being the wiser. The best way to protect ourselves is to know their methods and how they work.

If you don’t want to get duped, it’s important to educate yourself and your personnel about social engineering tactics. The more you know about elicitation, body language and so on, the better equipped you will be to recognize when someone is trying to use these tactics on you.

Du möchtest die gesamte Zusammenfassung von Social Engineering sehen?

Kernaussagen in Social Engineering

Mehr Wissen in weniger Zeit

Sachbücher auf den Punkt gebracht

Kernaussagen aus Sachbüchern in ca. 15 Minuten pro Titel lesen & anhören mit den „Blinks”

Zeitsparende Empfehlungen

Titel, die dein Leben bereichern, passend zu deinen Interessen und Zielen

Podcasts in Kurzform ^Neu

Kernaussagen wichtiger Podcasts im Kurzformat mit den neuen „Shortcasts”

Worum geht es in Social Engineering?

Social Engineering (2011) reveals the secret methods hackers and con artists use to manipulate their targets and scam their victims. The book provides detailed step-by-step depictions of how criminals plan a scheme, and gives you all the tools you need to prevent yourself from being duped.

Bestes Zitat aus Social Engineering

War is 90 percent information. - Napoleon

—Christopher Hadnagy

Wer Social Engineering lesen sollte

Anyone who wants to know how hackers and scammers plan a heist
Anyone interested in how to influence a stranger’s behavior
People who watched the BBC series Hustle or The Real Hustle

Über den Autor

Christopher Hadnagy is a security expert and professional social engineer. Previously, he worked on the BBC series The Real Hustle, in which he and Paul Wilson demonstrated how con men scam the innocent. He is also the author of Unmasking the Social Engineer.

Kategorien mit Social Engineering

Technologie & Zukunft Wissenschaft Psychologie

Ähnliche Zusammenfassungen wie Social Engineering

Human Hacking

Christopher Hadnagy with Seth Schulman

Win Friends, Influence People, and Leave Them Better Off for Having Met You

My Adventures as the World’s Most Wanted Hacker

22 min

4.4

The Ultimate Introduction to NLP

Richard Bandler

How to Build a Successful Life

The Inside Story of Organized Cybercrime – From Global Epidemic to Your Front Door

20 min

4.3

The Art of Influencing Anyone

Niall Cassidy

The classic must-read for anyone who wants to learn how to sound more convincing and persuasive

17 min

4.1

Neuro-linguistic Programming for Dummies

Romilla Ready and Kate Burton

A beginner's guide to one of psychology's hottest topics

The secrets of 40 millionaires' wealth, revealed

15 min

4.4

The Laws of Human Nature

Robert Greene

What affects your day-to-day life

29 min

4.5

Build the Life You Want

Arthur C. Brooks & Oprah Winfrey

The Art and Science of Getting Happier

Your War with a New Financial World Order and How to Fight Back

17 min

3.2

Read People Like a Book

Patrick King

How to Analyze, Understand, and Predict People’s Emotions, Thoughts, Intentions, and Behaviors

The 20 Skills and Competencies Everyone Needs to Succeed in a Digital World

How to Think and Act Like the Most Successful and Highest-Paid People in Every Field

28 min

4.2

Show the Value of What You Do

Patricia Pulliam Phillips & Jack J. Phillips

Measuring and Achieving Success in Any Endeavor

19 min

4.3

The Life-Changing Magic of Tidying Up

Marie Kondo

The Japanese Art of Decluttering and Organizing

What the Rich Teach Their Kids about Money – That the Poor and the Middle Class Do Not!

29 min

4.6

The Power of Neurodiversity

Thomas Armstrong

Unleashing the Advantages of Your Differently Wired Brain

20 min

4.5

Pegasus

Laurent Richard and Sandrine Rigaud

How a Spy in Our Pocket Threatens the End of Privacy, Dignity, and Democracy

10 min

4.3

The Subtle Art of Not Giving a F*ck

Mark Manson

A Counterintuitive Approach to Living a Good Life

The Art of Split-Second Persuasion

The Science and Secrets Behind 7 Words That Motivate, Engage, and Influence

11 min

4.2

How to Make People Like You in 90 Seconds or Less

Nicholas Boothman

Make Instant, Meaningful Connections for Interviewing, Selling, Managing, Pitching

Technology, Power, and the Twenty-first Century's Greatest Dilemma

20 min

4.5

Discipline Equals Freedom

In the Realm of Hungry Ghosts

Gabor Maté

Close Encounters with Addiction

19 min

4.6

Building a Second Brain

Tiago Forte

A Proven Method to Organize Your Digital Life and Unlock Your Creative Potential

19 min

4.5

This Is Your Brain on Music

Daniel Levitin

Understanding a Human Obsession

The Japanese Method for Transforming Habits, One Small Step at a Time

Winning the Heart of the Woman of Your Dreams

16 min

3.9

Easy Money

Ben McKenzie with Jacob Silverman

Cryptocurrency, Casino Capitalism, and the Golden Age of Fraud

Say Less to Get More from Any Pitch or Presentation

The history and core principles of the Eastern philosophy of Zen

23 min

4.5

Gaslighting

Stephanie Moulton Sarkis

Recognize Manipulative and Emotionally Abusive People - and Break Free

A Practical Guide to Overcome Negativity and Better Manage Your Feelings

The Psychology of Persuasion

33 min

4.5

The Man's Guide to Women

John Gottman

Scientifically Proven Secrets from the "Love Lab" About What Women Really Want

18 min

4.1

The Art of Communicating

Thich Nhat Hanh

The fascination of mindfulness in our daily lives

15 min

4.5

The Art of Public Speaking

Dale Carnegie

Become a confident, effective public speaker

The Tactics, Routines and Habits of Billionaires, Icons and World-Class Performers

The Art of Productive Disagreement

23 min

4.4

The Body Keeps the Score

Bessel van der Kolk

Mind, Brain and the Body in the Transformation of Trauma

18 min

4.5

Search Inside Yourself

Chade-Meng Tan

The Unexpected Path to Achieving Success, Happiness (and World Peace)

Being Human in the Age of Artificial Intelligence

The Power of the Pussy

Kara King

How to Get What You Want from Men: Love, Respect, Commitment and More!

13 min

3.5

Think Like a Freak

Steven D. Levitt and Stephen J. Dubner

Find the unconvential yet brilliant ideas hidden in data

21 min

4.3

Economics for the Common Good

Jean Tirole

Delve into economics with a Nobel Prize winner

Former CIA Officers Teach You How to Detect Deception

23 Techniques to Relieve Stress, Stop Negative Spirals, Declutter Your Mind, and Focus on the Present

16 min

4.2

The Fine Art Of Small Talk

Debra Fine

How To Start a Conversation, Keep It Going, Build Networking Skills – and Leave a Positive Impression!

19 min

4.1

❤️ für Blinkist️️️

Ines S.

Ich bin begeistert. Ich liebe Bücher aber durch zwei kleine Kinder komme ich einfach nicht zum Lesen. Und ja, viele Bücher haben viel bla bla und die Quintessenz ist eigentlich ein Bruchteil.

Genau dafür ist Blinkist total genial! Es wird auf das Wesentliche reduziert, die Blinks sind gut verständlich, gut zusammengefasst und auch hörbar! Das ist super. 80 Euro für ein ganzes Jahr klingt viel, aber dafür unbegrenzt Zugriff auf 3000 Bücher. Und dieses Wissen und die Zeitersparnis ist unbezahlbar.

Ekaterina S.

Extrem empfehlenswert. Statt sinnlos im Facebook zu scrollen höre ich jetzt täglich zwischen 3-4 "Bücher". Bei manchen wird schnelle klar, dass der Kauf unnötig ist, da schon das wichtigste zusammen gefasst wurde..bei anderen macht es Lust doch das Buch selbständig zu lesen. Wirklich toll

Nils S.

Einer der besten, bequemsten und sinnvollsten Apps die auf ein Handy gehören. Jeden morgen 15-20 Minuten für die eigene Weiterbildung/Entwicklung oder Wissen.

Julia P.

Viele tolle Bücher, auf deren Kernaussagen reduziert- präzise und ansprechend zusammengefasst. Endlich habe ich das Gefühl, Zeit für Bücher zu finden, für die ich sonst keine Zeit habe.