Social Engineering - The Gentleman Thief - The Art of Deception

1. Social Engineer – Art of Deceiving
The Gentleman Thief

2. Agenda
Facts – Hacking The Mind
What is Social Engineer ?
Why Everyone is Vulnerable ?
Attacking Human Behaviors
Types of Social Engineering
Body Language
Mitigation

3. The Famous - Who Am I Today ?!!!
Every Time I write this slide – I open my history which have been saved before!!!
* Penetration Tester Specialist and Security Researcher at DTS-Solution
* Certified a lot of things (Would there be a difference? )
• Author of WeBzY and XSSYA tools
• Bug Hunter in my Spare Time
* Experienced in Penetration Testing since over 7 years (System - Network –
Web Application – Mobile Application – Physical Pen. Testing & Social
Engineering Assessments )

4. Facts – Hacking The Mind

5. Facts – Hacking The Mind

6. Facts – Hacking The Mind
Most Malicious attacks come from within
The organization
You Should Worry About Security Awareness
More than patches

7. What is Social Engineer ?

8. Facts – Hacking The Mind
| Can’t be Patched – No CVE |

9. Facts – Hacking The Mind
* Yeeea I Stole a Laptop and get in and out – this not a Social
Engineer
* Social Engineering is not going to an organization and sayin
g“Um an electrician” then ending up with electrician team!
* You should know what you are talking about

10. What is Social Engineer ?
Simply:
The science of making people do what you want not they want
Wikipedia:
Refers to psychological manipulation of people into performing
actions or divulging confidential information.
What I Like:
The science of manipulating people mind & behavior to
preform action of your choice

11. Art of War
* All War is Based on Deception
* When we are able to attack, we must seem unable
* When we are near, we must make the enemy
believe we are far away
(Sun Tzu)

12. Why Everyone is Vulnerable ?
Human Mind has Gaps by default !!
If you think you are not vulnerable because you are not that
stupid person – Think again!!
People who are vulnerable to social engineer not because of
stupidity only.

13. Why Everyone is Vulnerable ?
False Assumptions
If A is true, then B is true; B is true, therefore A must be true
Curiosity
Human Nature Like to know the unknown
Fear
Fear about fake authority

14. Attack Human Behaviors
* Human nature of trust is essential to most social engineer attacks
* Ignorance about Social Engineer and its Impact
* Who Preform SE Attacks may pretend they have authority
And threaten in case non-compliance with their request
* Social Engineer attackers take information by promising something
for nothing
* In case of dispirit or need help – They will help you
* Agree in what you hear – get agreement back ->
lead the discussion

15. Types of Social Engineering
Types of social engineering attacks:
Social engineering can be broken into two common types:

16. Computer Based
Spam Email
Computer based: Uses computer software that attempts to retrieve
the desired information. (Mobile Applications Included)
Pop-up Windows: Run?
Phishing & Spear Phishing
Publishing Malicious AppsFake Security APPS
Instant Chat Messenger
Social Networks

17. Computer Based
Before Social Engineer Engagement
Internet Activity
Matlego
Google/LINKEDIN
theHarvester
Whois
Social Media
Company Last News
Physical Reconnaissance
Visit the Company - (normal Visit as Customer)
Video Surveillance - (Blind Spots)
Entry systems - Exists
Physical Security systems
Company (Customers - Vendors - Competitors)

18. Computer Based
Once Social Engineer Start (After Internet behavior analysis )
Contact through Internet sites activities
Contact employees through social network
Get mails and send spear phishing attacks
Voice Phishing
SMS Spoofing
SET

19. Computer Based
Scenario 1

20. Computer Based
PWN

21. Computer Based
Scenario 2

22. Human Based
Eavesdropping
Human Based: Needs interaction with humans; it means person-to
-person contact and then retrieving the desired information.
Exploit ( Trust – Fear – Help Nature of Humans - Weakness )
Tech Support
Marketing Reverse SE
Piggybacking & Tailgating
Dumpster diving
Shoulder surfing
Voice Phishing

23. Human Based
Scenarios not limited !
* A user with fake ID  Ask for sensitive information
* Valuable Customer  Offer Solutions
* Technical Support  Wait  Attack  Free Access (R-SE)
* Chat with the smokers  But don’t Smoke
* Tailgating

24. Human Based
Real Scenario 1: After working hours Asking one of the office
boy – to open the door for me !!
*Approach is: Social engineer - Goal is: Physical Access

25. Human Based
Real Scenario 2: Piggybacking & Tailgating: They have a door in e
very floor opened by finger print – open for 10 seconds only –
VOIP PWN

26. Human Based

27. Human Based
Real Scenario 3 : Chat with Smokers: Offering to find another job
for a Network Engineer
Result

28. Human Based – SE
Reverse Social Engineer
Is a person-to-person attack in which an attacker convinces
the target that he or she has a problem or might have a certain
problem in the future and that he, the attacker, is ready to help
solve the problem.

29. Human Based – Reverse SE
Reverse social engineering Need:
1- A lot of Reconnaissance to understand the internal structure of
the Organization.
2- Impersonate someone in Power whatever you attack (Client –
organization).

30. Body Language
* Human Based – Require to have some skills on Body and Eye
contact language
* You might face un expected contact require immediate Social
engineer attack

31. Body Language
* Micro Expressions: Very useful if you want to engaged with Soci
al Engineer
* Every Culture have it’s own Expressions
* You are able to understand your Country Expression only
* EX: United States of America have more than 80 Expressions
* But there is a universal Expressions we are going to learn about
it

32. Body Language
But First: What is Your First Impression ?
Attacking Old Woman not same as you attack young man
Clothes - Uniform type
Body type
Gender/Age
Ethnicity
Manners/Discipline
Physical Markings
Smell
Teeth
Hands
Interaction

33. Body Language
Signs for Comfort and Discomfort

34. Body Language
Signs of Comfort
Arm Placement
Head Tilt
Genuine Smile

35. Body Language
Signs of Discomfort
Tension
Eye Blocking
Lips

36. Human Based – Body Language
What is this Signs ?

37. Body Language
Micro Expressions http://www.paulekman.com/

38. Mitigation
* Mitigation: No matter how strict your network security or well
considered your security policy is; The human element at your busin
ess remains vulnerable to hackers. But there are steps you can take t
o better secure your business against social engineering attacks.
* Defense against Social Engineer come in Several Layers

39. Mitigation
1- Basic Layer: Security Policy: Social Engineer target employee who
respond to requests - Information should identified it’s value
- locks, ID’s, paper shredding, and escorting of visitors
2- Learning Layer: Security Awareness: How Employees respond to re
quests – Educate them about Social Engineer Scenarios based on Po
sition – Follow
* Identify what has Value: every time you get an access failure to
your data, You have to be knowing what to do!

40. Mitigation
* Friends are not friends: Social Engineer always try to make relation
s with you to gain trust
* Passwords are Personal: Don’t share your passwords – social engin
eer may try to get password through electronic way
* Uniforms are cheap: Social Engineer will show up pretending he fix
or build something

41. Mitigation
3- Persistence Level: Security Training Against social engineer will be
effective for very short time – Regular Reminders
4- Offensive Level: Incident Response: If someone asks for informati
on that you don't know if you should release, ask your manager. "Ma
ny social engineers will break if off if there's a break in the conversat
ion."

42. Mitigation
In the End don’t Get Paranoid – it
all about knowing your enemy
Well

43. Thanks You
@Yehia1mamdouh
yehia@dts-solution.com