Social Engineering Book Summary - Social Engineering Book explained in key points

Listen to the Intro

00:00

Social Engineering summary

Name: Social Engineering
Rating: 4.2 (90 reviews)
Author: Christopher Hadnagy

Christopher Hadnagy

The Art of Human Hacking

4.2 (90 ratings)

19 mins

Topics

Manipulation Strategy

Table of Contents

Social Engineering
Summary of 8 key ideas

Audio & text in the Blinkist app

Key idea 1 of 8

What’s in it for me? Learn the tricks and methods used by scammers, and how to steer clear of them.

Have you heard of the e-mail from a Nigerian prince asking for help retrieving an inheritance in exchange for money? Or have you seen the movie The Sting and been amazed at how the two main characters can fool virtually anyone? You might have asked yourself if people really can pull off these sorts of schemes. Do people really fall for them? The clear answer is yes, but the real question is: why?

Social Engineering is a whole category of knowledge and skills that can make us vulnerable to scammers. Most of the time, we don’t even know that it’s happening. Social Engineering is more than just an inherent skill of sweet talking and social adeptness; it’s a whole science that is used by scammers, as well as the very people who try to prevent scammers.

In these blinks, we will take a close look at the foundations of Social Engineering, how it works and the techniques that it entails.

In these blinks, you’ll discover

how a website about stamp collecting opened up a security gap;
how 734,000 social media users all chose their first name as their password; and
why a picture of your children could make you vulnerable to Social Engineering.

Social engineering is a way to gain influence over others without them knowing.

Have you ever been persuaded into buying something only to realize later on that you don’t need or want whatever you’ve bought? If so, you’re not alone. Most of us have been brought under the influence of some social engineering tactic at one point or another.

Social engineering is a set of psychological tricks that exploit human vulnerabilities to influence a target’s actions. These tricks can manifest themselves as spoken language, body language and hidden suggestions.

Governments, salespeople and law enforcement officers are deeply familiar with these tactics, but the fact is that we all use social engineering, even with our friends, family and co-workers. For example, when a kid says “I love you, Mommy. Can I have a puppy for my birthday?” they are using social engineering to influence their parent.

Of course, social engineering isn’t only about short-term gain; it can actually be used to do great harm to people. Scammers and con artists, for instance, use social engineering to manipulate their targets and compromise security systems.

If you want to install malware onto a company’s server, you could go in guns blazing and fight your way to the server room. But that’s messy. A social engineer will instead do something like disguise themselves as an IT specialist and prepare a convincing story to get past security.

Once inside, they’re free to do what they want and no one will be the wiser. As far as the security guard knows, the “IT person” was just doing their job.

But no one wants to be conned like this. Luckily, we can protect ourselves with a solid understanding of how social engineering works.

Security auditors, like the author, are hired to play the role of malicious social engineers to test a client’s security system by performing authorized penetration tests, or pentests for short, which are basically fake social engineering attacks. The client, of course, doesn’t know when, where or how this will happen.

Gathering information is the first important step in a fake or real social engineering attack.

Whether you’re a security auditor or a criminal social engineer, before you plan an attack, you need to know your target. The more you understand your target, the more you’ll know how to influence them, and the more effective your plan will be.

Start by creating a profile of your target. A good place to start is on the internet: certain websites allow you to track a person’s e-mail address, phone number and even her IP address, while social media can also be a great resource. Be diligent! Even a minor detail can prove valuable.

Attackers create undercover pretexts and identities tailored to gain access to their targets.

Imagine you’re a detective about to go undercover. Would you use your real name, address and backstory? Of course not! You’d create a backstory and alias, and use everything you know to design a solid plan to go undercover.

It all starts with a pretext, that is, a scenario that makes your target feel comfortable doing something they normally wouldn’t. This is why it’s so important to gather good information about your target in the beginning: the better your information about them, the more convincing the pretext will be.

Building a connection and rapport with targets makes them susceptible to your suggestions.

People like to be liked, a fact social engineers know well. They also know that people who like you will do things to earn your affection. But how do you get complete strangers to like you immediately?

Start by making the target feel like you have good chemistry and rapport. One way to do this is by making the conversation about the target. After all, everyone loves to talk about themselves!

Social engineers are experts at reading microexpressions.

Think of all the white lies you’ve ever told. Do you think people knew you were lying? Probably. But it’s not because they were listening carefully to the logic of your fib; rather, they probably read it on your face.

Our faces tend to reveal our emotions involuntarily. These microexpressions flash by in less than a second, but are nonetheless unmistakable.

Social engineers use Neuro-linguistic programming to talk the target into doing what they want.

Con artists are well known for their ability to talk anyone into doing anything. Many chalk this up to a natural born talent for sweet talking, but there is an actual science behind it. In this blink, we’ll examine one such science: Neuro-linguistic programming.

Neuro-linguistic programming, or NLP, is a mode of communication that focuses on the way people think and experience the world.

Social engineers use both physical and online tools to infiltrate and gather information.

Sometimes social engineers are confronted with a challenge that requires more than just sweet talk: locks. But no lock, be it physical or digital (in other words, password protection), is insurmountable.

If you want to open up a physical lock to access personal files or other data, you’ll first need certain tools.

Learn to identify social engineering tactics and be aware of the valuable information you release.

Social engineers combine all these tactics and tools to manipulate their targets without them ever being the wiser. The best way to protect ourselves is to know their methods and how they work.

If you don’t want to get duped, it’s important to educate yourself and your personnel about social engineering tactics. The more you know about elicitation, body language and so on, the better equipped you will be to recognize when someone is trying to use these tactics on you.

Want to see all full key ideas from Social Engineering?

Key ideas in Social Engineering

More knowledge in less time

Read or listen

Get the key ideas from nonfiction bestsellers in minutes, not hours.

Find your next read

Get book lists curated by experts and personalized recommendations.

Shortcasts ^New

We’ve teamed up with podcast creators to bring you key insights from podcasts.

What is Social Engineering about?

Social Engineering (2011) reveals the secret methods hackers and con artists use to manipulate their targets and scam their victims. The book provides detailed step-by-step depictions of how criminals plan a scheme, and gives you all the tools you need to prevent yourself from being duped.

Best quote from Social Engineering

War is 90 percent information. - Napoleon

—Christopher Hadnagy

Who should read Social Engineering?

Anyone who wants to know how hackers and scammers plan a heist
Anyone interested in how to influence a stranger’s behavior
People who watched the BBC series Hustle or The Real Hustle

About the Author

Christopher Hadnagy is a security expert and professional social engineer. Previously, he worked on the BBC series The Real Hustle, in which he and Paul Wilson demonstrated how con men scam the innocent. He is also the author of Unmasking the Social Engineer.

Categories with Social Engineering

Technology & the Future Science Psychology

Books like Social Engineering

Human Hacking

Christopher Hadnagy with Seth Schulman

Win Friends, Influence People, and Leave Them Better Off for Having Met You

My Adventures as the World’s Most Wanted Hacker

22 min

4.4

The Ultimate Introduction to NLP

Richard Bandler

How to Build a Successful Life

The Inside Story of Organized Cybercrime – From Global Epidemic to Your Front Door

20 min

4.2

The 48 Laws of Power (New Version)

Robert Greene

The secret methods to getting what you want

The New Science of Leading Change

14 min

3.9

Happy Mind, Happy Life

Rangan Chatterjee

The New Science of Mental Well-Being

Choosing a Focused Life in a Noisy World

20 min

4.5

13 Things Mentally Strong People Don't Do

Amy Morin

Take Back Your Power, Embrace Change, Face Your Fears and Train Your Brain for Happiness and Success

Cybersecurity Advice from the Best Hackers in the World

What You're Missing and Why It Matters

22 min

4.5

How to Make People Like You in 90 Seconds or Less

Nicholas Boothman

Make Instant, Meaningful Connections for Interviewing, Selling, Managing, Pitching

The Psychology of Human Relationships

17 min

3.7

Neuro-linguistic Programming for Dummies

Romilla Ready and Kate Burton

A beginner's guide to one of psychology's hottest topics

Why We Do What We Do in Life and Business

The Art and Science of Cultivating Influence

A Guide to Becoming the Best Possible Version of Yourself, One Tiny Habit at a Time

How To Make Offers So Good People Feel Stupid Saying No

Build Your Personal Highlight Reel and Unlock Your Potential

19 min

4.6

How to Be Your Own Therapist

Owen O'Kane

Boost Your Mood and Reduce Your Anxiety in 10 Minutes a Day

19 min

4.4

The Psychology of Winning

Denis Waitley

Ten Qualities of a Total Winner

21 min

4.4

Surely You're Joking, Mr. Feynman!

Richard P. Feynman

Adventures of a Curious Character

7 min

3.3

Breaking The Habit of Being Yourself

Joe Dispenza

How to Lose Your Mind and Create a New One

16 min

4.6

Manage Your Day-To-Day

99U and Jocelyn K. Glei

Build Your Routine, Find Your Focus and Sharpen Your Creative Mind

18 min

4.2

How Big Things Get Done

Bent Flyvbjerg and Dan Gardner

The Surprising Factors Behind Every Successful Project, from Home Renovations to Space Exploration

15 min

4.0

The Power of Your Subconscious Mind

Joseph Murphy (Ian McMahan revised)

Unlock Your Master Key to Success

The Science of Creating Heaven on Earth

A Story That Tells You How To Be One

An Essential Guide to Life

Former CIA Officers Teach You How to Detect Deception

What to Say to Get Your Way

17 min

4.6

Switch

Chip Heath & Dan Heath

How to Change Things When Change Is Hard

Transform Your Brain With the New Science of Kindness

18 min

4.1

Do What Matters Most

Rob Shallenberger and Steve Shallenberger

Lead with a Vision, Manage with a Plan, Prioritize Your Time

Reclaiming Life from Work

13 min

4.0

Poor Charlie's Almanack

Peter D. Kaufman

The Wit and Wisdom of Charles T. Munger

26 min

4.3

Man’s Search for Meaning

Viktor Frankl

The harrowing experiences of the author in a concentration camp

Why We Fall For It . . . Every Time

The Japanese Method for Transforming Habits, One Small Step at a Time

18 min

4.6

How to Be a People Magnet

Leil Lowndes

Finding Friends – and Lovers – and Keeping Them for Life

16 min

4.6

No More Mr. Nice Guy!

Robert A. Glover

A Proven Plan for Getting what You Want in Love, Sex, and Life

19 min

4.3

Rewire Your Ocd Brain

Catherine M. Pittman

Powerful Neuroscience-Based Skills to Break Free from Obsessive Thoughts and Fears

It’s Not What You Say, It’s What People Hear

19 min

4.0

Snakes in Suits

Paul Babiak and Robert D. Hare

When Psychopaths Go to Work

The Story of the Human Mind

It's Time to Cheer for Yourself

Seven Ways to Think Like a 21st-Century Economist

27 min

4.1

The Ultimate Guide to Great Mentorship

Scott Jeffrey Miller

13 Roles to Making a True Impact

The Secret to Achieving More with Less

Using the Power of Questions to Communicate, Connect, and Persuade

22 min

4.3

People ❤️ Blinkist

Sven O.

It's highly addictive to get core insights on personally relevant topics without repetition or triviality. Added to that the apps ability to suggest kindred interests opens up a foundation of knowledge.

Thi Viet Quynh N.

Great app. Good selection of book summaries you can read or listen to while commuting. Instead of scrolling through your social media news feed, this is a much better way to spend your spare time in my opinion.

Jonathan A.

Life changing. The concept of being able to grasp a book's main point in such a short time truly opens multiple opportunities to grow every area of your life at a faster rate.

Renee D.

Great app. Addicting. Perfect for wait times, morning coffee, evening before bed. Extremely well written, thorough, easy to use.