We all know that computers and networks are vulnerable to hacking and malicious actors, but what about us, the humans who interface with these devices? Con games, scams, and strategic deception are far older than computers, and in the modern era, these techniques can make humans the weakest link in even the most secure system. This episode, security consultant and master social engineer, Christopher Hadnagy, joins us to share his stories and wisdom. He describes what it was like to be a social engineer before the world knew what social engineering was and tells some of his amazing stories from his long career in penetration testing.
A big thanks to Christopher Hadnagy from social-engineer.org for sharing his stories with us.
Check out his book Social Engineering: The Science of Human Hacking, affiliate link here.
Check out his podcast called The Social-Engineer podcast.
Sponsors
This episode was sponsored by Thinkst Canary. Their canaries attract malicious actors in your network and then send you an alert if someone tries to access them. Great early warning system for knowing when someone is snooping around where they shouldn’t be. Check them out at https://canary.tools.
Support for this episode comes from LastPass. LastPass is a great password manager, but it can do so much more. It can set up 2FA for your company, or you can use it to monitor what your users are doing in the network. Visit LastPass.com/Darknet to start your 14-day free trial.
Sources
- https://www.social-engineer.org/
- How phishing scammers manipulate your amygdala and oxytocin TEDxFultonStreet
- DEF CON 22 - Chris Hadnagy - What Your Body Tells Me - Body Language for the SE
- https://en.wikipedia.org/wiki/George_C._Parker
Attribution
Darknet Diaries is created by Jack Rhysider.
Episode artwork by odibagas.
Theme music created by Breakmaster Cylinder. Theme song available to listen to and download at Bandcamp, or listen to it on Spotify.
Equipment
Recording equipment used for this episode was the Shure SM7B, a Cloudlifter, MOTU M2, Sony MDR7506 headphones, and Hindenburg audio editor.
Transcript
[START OF RECORDING] JACK: Before we really had the term ‘social engineer’, people used to just say ‘con artist’ because what a con game is, is where you gain someone’s trust and then defraud them. Social engineers gain people’s trust in order to trick them. Same thing. One of my favorite con artists was George C. Parker. He made a living off of selling things he didn’t own. He lived in New York City in the early 1900s. A lot of immigrants were moving into the city and he wanted to take advantage of their lack of knowledge about the city. Grant’s Tomb was built in 1897 which is the final resting place for Ulysses S. Grant. It’s right in Manhattan and it’s an extraordinary monument. You can even go inside and look at the casket. It’s a popular tourist attraction. George C. Parker saw so many people coming to see Grant’s Tomb, he wanted to somehow make money off this, and not by selling popcorn or hot dogs or flowers.