Author Topic: [Question] Protection from Social Engineering  (Read 2798 times)

0 Members and 1 Guest are viewing this topic.

Offline Darkvision

  • EZ's Fluffer
  • VIP
  • Royal Highness
  • *
  • Posts: 755
  • Cookies: 149
  • Its not a bug, It's a Chilopodas.
    • View Profile
Re: [Question] Protection from Social Engineering
« Reply #15 on: April 02, 2015, 11:51:10 pm »
Thanks to all of you for your valuable advice.

To everyone telling me to learn SE:
SE is something that interests me a lot. I read books (including the mentioned one from Mitnick) and articles on the topic. However, conversations are already hard for me as is. I am easily overwhelmed. I can only concentrate on one-on-one conversations, and even then it is something that often just goes too fast for me.
I am a bad social engineer as I feel I am already worse in social stuff than the majority of people.
I know the theory and cannot apply it, especially in situation I did not expect. So that's why I often see things coming, but feel that I have not enough time to think about how to react as I am already trying to listen at the same time.

I usually know of perfect answers and reactions afterwards.

Some simple rules have helped me out, which includes never to buy anything on the door, never to sign anything without sleeping over it a night or better a week. But my politeness really annoys me.

@Kulver
Your articles are very interesting and I've read most of them. Thanks for posting them.


@cyberdrifter
Very interesting read, but I am European too. :D
However, it reminds me of my father. When Zeugen Jehovas came to his house, he threatened them with his chainsaw. They never showed up again.

How can I learn it, though? Role play?

A lot of great advice above but two things:
1. id say that you should realize that it is not IMPOLITE to say no. So when they ask to come in just say that. or tell a white lie(that may not even be a lie) such as sorry but your to busy.
2. I find that people are less likely to come around(again) when you either waste their time or piss them off(or better yet both). However that would be the "impolite" way to do things, so option one is probably better for you.
The internet: where men are men, women are men, and children are FBI agents.

Ahh, EvilZone.  Where networking certification meets avian fecal matter & all is explained, for better or worse.

<Phage> I used an entrence I never use

Offline CyberNox

  • NULL
  • Posts: 2
  • Cookies: 1
    • View Profile
Re: [Question] Protection from Social Engineering
« Reply #16 on: April 05, 2015, 04:47:17 am »
I hate sales people at my door. Regardless if they're scams or not.

Offline Deque

  • P.I.N.N.
  • Global Moderator
  • Overlord
  • *
  • Posts: 1203
  • Cookies: 518
  • Programmer, Malware Analyst
    • View Profile
Re: [Question] Protection from Social Engineering
« Reply #17 on: April 06, 2015, 08:28:34 pm »
A lot of great advice above but two things:
1. id say that you should realize that it is not IMPOLITE to say no. So when they ask to come in just say that. or tell a white lie(that may not even be a lie) such as sorry but your to busy.
2. I find that people are less likely to come around(again) when you either waste their time or piss them off(or better yet both). However that would be the "impolite" way to do things, so option one is probably better for you.

You are right. It does not have to be impolite to say no. I've got to get that in my head and add the rule "never let someone in".

I would play the ball right back at the guy. Say you have to finish something for work and if you can't finish it you may loose your job. It will put him in a position of guilt giving you control over the conversation.

Also if you question the morality. I would say its morally justified to lie in that situation since he wants to decieve you into buying stuff you don't need and playing you into that way.

Edit: Deque, it's normal that you can't apply the theory as easy. social interactions are quite complex. and people are also infinitly complex. you will never get the reactions exactly like they are explained. best that theory can make you do is to make you adaptable in such situations.

Thank you.
I find it hard to lie. But it might make things easier sometimes.
« Last Edit: April 06, 2015, 08:30:41 pm by Deque »

Offline sh4d0w_w4tch

  • Peasant
  • *
  • Posts: 73
  • Cookies: -1
  • Please do not feed the skids.
    • View Profile
    • 6c.nz
Re: [Question] Protection from Social Engineering
« Reply #18 on: April 07, 2015, 06:26:52 pm »
If someone is actually trying to run a scam, don't be afraid to be rude.  People who are afraid to be rude or say no will always be stomped on by con artists and salesmen.  There is nothing wrong with being rude to them.  If you worry about being wrong, then you can make up some reason why you can't do what they ask.  If they ask to use your shower and say that they're at risk of failing a job interview, tell them that the water has just been turned off.  You can also admit that nobody is allowed to see the inside of the house for security.

If a homeless person asks for a 20, offer 5.  I've taken some awkward white boys into the city who think they're going to get stabbed if they don't turn over money when a homeless person asks.  We're not going into a ghetto either.  Certainly old and urban, but not a ghetto by any means.
DeepCopy | Can you name a VPN provider that's like "hey use our services to hack government sites and spam the internet. Please Abuse our services"

+Polyphony | paging master hackers of evilzone: i am here to learn about your black hatted tools to hack different viruses like facebook, sql, php, and other ring zero exploits


Offline Kulverstukas

  • Administrator
  • Zeus
  • *
  • Posts: 6627
  • Cookies: 542
  • Fascist dictator
    • View Profile
    • My blog
Re: [Question] Protection from Social Engineering
« Reply #19 on: April 07, 2015, 07:42:51 pm »
If a homeless person asks for a 20, offer 5.
Normally I tell them that all of my money is on the card right now :P

Offline sh4d0w_w4tch

  • Peasant
  • *
  • Posts: 73
  • Cookies: -1
  • Please do not feed the skids.
    • View Profile
    • 6c.nz
Re: [Question] Protection from Social Engineering
« Reply #20 on: April 07, 2015, 08:25:53 pm »
Normally I tell them that all of my money is on the card right now :P

That's the way to go.  Usually it's what I do when it's the third person that day and I've been giving enough free handouts.
DeepCopy | Can you name a VPN provider that's like "hey use our services to hack government sites and spam the internet. Please Abuse our services"

+Polyphony | paging master hackers of evilzone: i am here to learn about your black hatted tools to hack different viruses like facebook, sql, php, and other ring zero exploits