Social Engineering Isn’t Just For The Bad Guys
The principles in social engineering can be used for good, not just evil as many believe. Techniques can help people connect, persuade others, and even save lives. There are many professions that use social engineering. Without saying, I’m sure some of you can connect salesmen with social engineering. Well, you would be correct, and though many view salesmen as sleazy and “no good”, their techniques work. However, there are many types of malicious social engineers as well. In this post we will preview the good and bad, novices and experts, successful and unsuccessful.
Let’s Take a Look at Some Social Engineers: Good
This is the “good guy” version of a hacker. They test a company’s networks using a malicious frame of mind in order to find holes in security. Then, by patching these holes, the penetration testers improves a company’s security. The penetration tester may also test physical security, attempting to gain access to the building. By doing this, companies are able to act to prevent damage before it happens.
Using social engineering techniques, salesmen are able to improve the odds of you buying their products. One of the many tactics salesmen use is to connect with their customer. This is in order to come off as a friend, helping you find the best deal. With the reinforced trust between the two parties, there is a greater chance that a sale will happen.
Doctors, Lawyers, Psychologists
These fields may not seem like they involve social engineering, but in reality doctors, lawyers, and psychologists use the same techniques. To diagnose a condition, to win a case, or to help their patient, they use questioning techniques, read body language, and much more. A great example is found in looking at a doctor patient relationship. The doctor must build trust and openness with the patient in order to collect all the information and make an accurate diagnosis.
Let’s Take a Look at Some More Social Engineers: Bad
Hackers look for ways to breach software and networks in order to exploit or steal information, money, and/or other valued items. Although you wouldn’t think someone with a computer uses social engineering, hackers utilize the techniques through their technology. Whether sending an email loaded with persuasion and influence tactics or gaining physical access to a server room, hackers use social engineering almost every time they perform an attack.
Spies are the epitome of a social engineer. Their entire “life”(work) is based around the principles of social engineering. They need questioning, pretexting, and to be on top of their psychological/persuasion game, just in order to survive. Being masters of elicitation, spies are able to dig up information. Using pretexting, spies are able to gain access to controlled areas. It is easy to see how this profession uses these techniques day in and day out.
These thieves steal and ruin a person’s entire life. Using common social engineer techniques, they steal valuable, personal information to obtain a person’s identity. In one case, criminals gain your trust through pretexting or psychological techniques. After having gained your trust, they ask a favor, preying on a human’s tendency to help. Then, exploiting this favor they are able to obtain personal information, stealing your identity.
Believe it or not, disgruntled employees can cause the most damage out of all the others. This is typically someone who is displeased and intends to cause harm to fellow employees or their company. Due to their access and knowledge, they are in a position to cause great harm. Having been an employee, they know the ins and outs of their company, allowing them to have an upper hand when gaining access or manipulating someone. With this power, they are able to put themselves in the position to cause maximum damage.
Scam artists can range from con men on the streets to those who carry out elaborate schemes to trick people out of their hard earned money. The scam artists methods can range from simple games to elaborate 419 scams where a fake office is set up. you may not think that losing a game on the street will cost you a fortune, but people have lost upwards of $100,000 in more complex scams.