Liar, Liar your hands are on fire….?

default-featured-image

Probably one of the hottest topics for social engineers is how to detect who is lying and how to improve your ability to fool your targets. Today we picked two articles to discuss about this topic briefly.

The first is archived in the social engineer archives.  It is a very interesting read on a new study that has been done that might point to the link between the way a person draws and event and the truthfulness of that event.   In some amazing statistics the “sketching the agent” result was able to identify 80% of the truth tellers and 87% of the liars – results superior to most traditional interview techniques.

How does it work?  The determined that the way a person remembers events is linked to the “angle” they draw the event in.  People who where there, truth tellers, will draw with a shoulder camera angle.  Where as liars leave out lots of detail and even leave themselves out of the picture.

What does this have to do with social engineering?

Well by itself, not much.  We haven’t done too many engagements where we can ask the target to draw us a picture. So how can we use this information?

Our second article… well it’s actually a video.  It is a nicely done video that outlines 9 parts to detecting a lie.  What we found interesting is how closely these were linked to some of the research on the drawing research.  Take a look:

Step 1: Watch their hands

Studies have shown that the majority of people have a “tell” when they lie.  Excess face touching or nose scratching can be a good indicator of a lie.

Step 2: Follow their eyes

Blinking – another thought is that a person who blinks a lot can be lying.  Now, we don’t prescribe to this thought 100%.  Some people do not have great eye contact by nature, so this point isn’t always a given 100%.  Yet, mixed together with some of the others it can point to a lie.

Step 3: Note their words

Note their words. A liar will skip contractions—saying “I did not” instead of “I didn’t”—and avoid pronouns, using someone’s full name instead of “he” or “she.”

Step 4: Check their smile

A true smile versus a fake smile.  A fake smile is just with the mouth.  A real smile is uses the eyes, the cheeks, the whole face.  A person who is smiling fake can also be an indication of falseness elsewhere.

Step 5: Note their posture

Notice their posture. Liars tend to keep their body posture closed (by folding their arms, for example). Again, we don’t prescribe to this 100% but it may be an indication of a lie when mixed with others.

Step 6: Pause before responding

Pause momentarily before responding; if the silence makes them uncomfortable, they may be lying.  of course is some one is naturally slow, don’t count that.  But if it looks like the person is pausing and thinking about the answers to natural questions or stories it can be a good indication.

Step 7: Note the details

Pay attention to details. If they provide more information than necessary, that’s a bad sign. People tend to be overly specific when they’re making something up.

Step 8: Change the subject

Change the subject. Is the conversation just over or are they trying to change it quickly?  Pay attention and see if this indicates untruthfulness.   Better yet you can try and change the subject.  Did they seem relieved?  Might be an indication.

With all these steps there is a lot of “might be’s”… well mix this with reading facial expressions and you might be able to start detecting liars more readily.

We would say one key to starting off with this, is to not try and view everyone as guilty before being proven innocent.  Pay attention to the details though and you will be amazed at what you see.

Check out the video:

Stayed tuned for more articles coming soon.

Thanks to rAWjAW for submitting these articles to us.

Offensive Security Exploit Archive Online

default-featured-image

After a short and intense setup, we are ready to present the Offsec Exploit Archive. We’ve recreated the milw0rm database, updated it and are now accepting submissions. The purpose of the site is to provide researchers and security enthusiasts a repository of exploits, and when possible, the relevant affected software. We’ve started the party by Continue Reading >

Interrogation Tactics and Social Engineering

default-featured-image

When we decided to do the release of our first podcast we had many people who were skeptical about Interrogation and Social Engineering actually meshing.  Heck a lot of people where even sure if they could ever be tied in. Well we did it.  We found a willing participant, Matt Churchill.  He was not only Continue Reading >

How To Become A Social Engineer – Information Gathering

default-featured-image

It may be the opinion of some that “Social Engineering is just believing in your lie” or “SE is a matter of who is the best liar” and even “Social Engineering is a matter of just making up a believable story.” Some believe that social engineering is no more than smoke and mirrors and con’ing people. We thought we would reach out and try to dispel some of these myths by writing a small series of articles about this question. The series will be called “How To Become a Social Engineer”

Meet the Team at Social-Engineer.org

default-featured-image

There has been a lot of buzz on the Net about social-engineer.org and the emails into us have been amazing.  We would like to take the time to thank all of you for your support. Quite a few of our visitors have asked aboutthe team and how we are structured. So I figured we would Continue Reading >

Social Engineering Framework Launch

default-featured-image

Just wanted to drop a note to say that www.social-engineer.org was launched today. The site is housing a complete social engineers framework as well as video’s, how-to’s and even some new tools for social engineers. One tool that was made for social-engineer.org is SET (Social Engineers Toolkit), it is an amazing tool that ties in Continue Reading >