Social Engineering (2011) reveals the secret methods hackers and con artists use to manipulate their targets and scam their victims. The book provides detailed step-by-step depictions of how criminals plan a scheme, and gives you all the tools you need to prevent yourself from being duped.
Christopher Hadnagy is a security expert and professional social engineer. Previously, he worked on the BBC series The Real Hustle, in which he and Paul Wilson demonstrated how con men scam the innocent. He is also the author of Unmasking the Social Engineer.
© Christopher Hadnagy: Social Engineering copyright 2011, John Wiley & Sons Inc. Used by permission of John Wiley & Sons Inc. and shall not be made available to any unauthorized third parties.
Upgrade to Premium now and get unlimited access to the Blinkist library. Read or listen to key insights from the world’s best nonfiction.
Upgrade to PremiumThe Blinkist app gives you the key ideas from a bestselling nonfiction book in just 15 minutes. Available in bitesize text and audio, the app makes it easier than ever to find time to read.
Start free trialGet unlimited access to the most important ideas in business, investing, marketing, psychology, politics, and more. Stay ahead of the curve with recommended reading lists curated by experts.
Start free trialSocial Engineering (2011) reveals the secret methods hackers and con artists use to manipulate their targets and scam their victims. The book provides detailed step-by-step depictions of how criminals plan a scheme, and gives you all the tools you need to prevent yourself from being duped.
Have you ever been persuaded into buying something only to realize later on that you don’t need or want whatever you’ve bought? If so, you’re not alone. Most of us have been brought under the influence of some social engineering tactic at one point or another.
Social engineering is a set of psychological tricks that exploit human vulnerabilities to influence a target’s actions. These tricks can manifest themselves as spoken language, body language and hidden suggestions.
Governments, salespeople and law enforcement officers are deeply familiar with these tactics, but the fact is that we all use social engineering, even with our friends, family and co-workers. For example, when a kid says “I love you, Mommy. Can I have a puppy for my birthday?” they are using social engineering to influence their parent.
Of course, social engineering isn’t only about short-term gain; it can actually be used to do great harm to people. Scammers and con artists, for instance, use social engineering to manipulate their targets and compromise security systems.
If you want to install malware onto a company’s server, you could go in guns blazing and fight your way to the server room. But that’s messy. A social engineer will instead do something like disguise themselves as an IT specialist and prepare a convincing story to get past security.
Once inside, they’re free to do what they want and no one will be the wiser. As far as the security guard knows, the “IT person” was just doing their job.
But no one wants to be conned like this. Luckily, we can protect ourselves with a solid understanding of how social engineering works.
Security auditors, like the author, are hired to play the role of malicious social engineers to test a client’s security system by performing authorized penetration tests, or pentests for short, which are basically fake social engineering attacks. The client, of course, doesn’t know when, where or how this will happen.