Get the key ideas from
Social Engineering
The Art of Human Hacking
Social Engineering (2011) reveals the secret methods hackers and con artists use to manipulate their targets and scam their victims. The book provides detailed step-by-step depictions of how criminals plan a scheme, and gives you all the tools you need to prevent yourself from being duped.
- Anyone who wants to know how hackers and scammers plan a heist
- Anyone interested in how to influence a stranger’s behavior
- People who watched the BBC series Hustle or The Real Hustle
Christopher Hadnagy is a security expert and professional social engineer. Previously, he worked on the BBC series The Real Hustle, in which he and Paul Wilson demonstrated how con men scam the innocent. He is also the author of Unmasking the Social Engineer.
© Christopher Hadnagy: Social Engineering copyright 2011, John Wiley & Sons Inc. Used by permission of John Wiley & Sons Inc. and shall not be made available to any unauthorized third parties.
Go Premium and get the best of Blinkist
Upgrade to Premium now and get unlimited access to the Blinkist library. Read or listen to key insights from the world’s best nonfiction.
Upgrade to PremiumWhat is Blinkist?
The Blinkist app gives you the key ideas from a bestselling nonfiction book in just 15 minutes. Available in bitesize text and audio, the app makes it easier than ever to find time to read.
Start free trialDiscover
3,000+ top
nonfiction titles
Get unlimited access to the most important ideas in business, investing, marketing, psychology, politics, and more. Stay ahead of the curve with recommended reading lists curated by experts.
Start free trialJoin Blinkist to get the key ideas from
Get the key ideas from
Get the key ideas from
Social Engineering
The Art of Human Hacking
- Read in 15 minutes
- Audio & text available
- Contains 9 key ideas
Synopsis
Social Engineering (2011) reveals the secret methods hackers and con artists use to manipulate their targets and scam their victims. The book provides detailed step-by-step depictions of how criminals plan a scheme, and gives you all the tools you need to prevent yourself from being duped.
Key idea 1 of 9
Social engineering is a way to gain influence over others without them knowing.
Have you ever been persuaded into buying something only to realize later on that you don’t need or want whatever you’ve bought? If so, you’re not alone. Most of us have been brought under the influence of some social engineering tactic at one point or another.
Social engineering is a set of psychological tricks that exploit human vulnerabilities to influence a target’s actions. These tricks can manifest themselves as spoken language, body language and hidden suggestions.
Governments, salespeople and law enforcement officers are deeply familiar with these tactics, but the fact is that we all use social engineering, even with our friends, family and co-workers. For example, when a kid says “I love you, Mommy. Can I have a puppy for my birthday?” they are using social engineering to influence their parent.
Of course, social engineering isn’t only about short-term gain; it can actually be used to do great harm to people. Scammers and con artists, for instance, use social engineering to manipulate their targets and compromise security systems.
If you want to install malware onto a company’s server, you could go in guns blazing and fight your way to the server room. But that’s messy. A social engineer will instead do something like disguise themselves as an IT specialist and prepare a convincing story to get past security.
Once inside, they’re free to do what they want and no one will be the wiser. As far as the security guard knows, the “IT person” was just doing their job.
But no one wants to be conned like this. Luckily, we can protect ourselves with a solid understanding of how social engineering works.
Security auditors, like the author, are hired to play the role of malicious social engineers to test a client’s security system by performing authorized penetration tests, or pentests for short, which are basically fake social engineering attacks. The client, of course, doesn’t know when, where or how this will happen.
Key ideas in this title
- Social engineering is a way to gain influence over others without them knowing.
- Gathering information is the first important step in a fake or real social engineering attack.
- Attackers create undercover pretexts and identities tailored to gain access to their targets.
- Building a connection and rapport with targets makes them susceptible to your suggestions.
- Social engineers are experts at reading microexpressions.
- Social engineers use Neuro-linguistic programming to talk the target into doing what they want.
- Social engineers use both physical and online tools to infiltrate and gather information.
- Learn to identify social engineering tactics and be aware of the valuable information you release.
- Final summary
