Social-Engineer.Org : Security Through Education

How would you feel if you saw an ad for a solar-powered clothes dryer and it was only $39?  Excited?  So were the hundreds of consumers who sent in their $39, only to receive a piece of rope in return.  This was just one of the many scams run by an ex-con man name Steve Comisar.

I had a chance to talk with Steve while he is serving his time in prison. He was willing to openly talk about his past crimes, and how he was able to scam people out of millions of dollars.   As social engineers we can learn a lot on what we can help our customers look for, as well as some tips on pretexting.

What follows is an amazingly honest and real interview with Steve.

Q:  Who are you?  Tell me about yourself?

A:  I am a legendary con artist being ranking in the top ten by the FBI and many prestigious Internet sources.  I am ranked second to only Frank Abignale the author and the subject of the film, “Catch Me If You Can” staring Tom Hanks and Leonardo Dicaprio.  I am a guy with an exceptionally high IQ (195) who decided to use his gift of persuasion to become wealthy, exerting very little effort in the process.  My true passion was acting appearing in many TV shows and commercials since a very young age.  Incidentally, acting and conning are very similar, both requiring a great deal of natural skill.  My book is in the Hall of Fame at the Association of Certified Fraud Examiners.  I starred in a documentary called “Making Crime Pay” that is used to train many law enforcement agencies.  This and other of my training videos and TV shows are on YouTube.

(more…)

For almost 3 years the team at Social Engineer has been bringing you the best in Social Engineering information and education.  Social Engineering information, tips, tricks, research, which eventually has branched off and created live, in-person, intensive training classes. As the new year gets into full swing we wanted to highlight some of our upcoming events and announcements.

Chris “loganWHD” Hadnagy will be conducting a round table open discussion at RSA this year. The topic of his panel is “Social Engineering – Is it the Biggest Threat?” Social Engineering (SE) is a hot topic that has gained a lot of notoriety in recent attacks.

(more…)

Not too long ago the announcement about an Internet Sponsorship Law, SOPA, basically caused the Internet to blow up with people voting, supporting, and showing how much they disliked this proposed bill. The way the “Internet Community” came together is a lesson in mass influence itself, but we are going to focus on a different aspect of this drama.

The hacktivist group Anonymous reared its head in this debate to show it’s disdain for any law that would censor or prohibit the use of the Internet, and they do so using a form of social engineering.

One of the less influence based forms of social engineering involves drawing people to a website that is either loaded with malicious software/code or has downloads that are dangerous or infected. Apparently, Anonymous used this form of social engineering to create, in essence, one of the world’s largest botnets full of unsuspecting participants.
(more…)

Unless you are starring in the next “Planet of the Apes” this Holiday season, you will undoubtedly find yourself surrounded by humans. Many situations may arise from company parties, family get-togethers, to year end celebrations. These events provide you with a perfect test bench to try out your social engineering skills. Take advantage of the fact you will be submerged into groups of people, some familiar, some not.

Sadly, your family will insist you not be on IRC during the holiday festivities. I know, crazy, right? It is what it is, so make the best of it. In this blog we will recap some previously explained techniques and give you handy suggestions on how you can put these skills and knowledge to the test. You can even make a game out of it!
(more…)

We have previously written about how to read other poker players and determine the strength of their hand by using various Social Engineering techniques. In this article we will discuss ways to use Social Engineering to trick and deceive the other players to give yourself an advantage on the table.

Poker is a unique game at a Casino. Unlike every other game in the Casino, in poker, you are playing against the other players as opposed to playing against the house like in Black Jack, Craps, Roulette, etc. As you analyze the game and really understand poker, you quickly realize that it’s not a card game, it’s a people game.

Here are some famous quotes from Poker players, professional and amateur:

“If, after the first twenty minutes, you don’t know who the sucker at the table is, it’s you.”  ~David Levien and Brian Koppelman, Rounders

“The commonest mistake in history is underestimating your opponent; it happens at the poker table all the time.”  ~David Shoup

“In a game of poker, I can put the players’ souls in my pocket.”  ~Beausourire

“Poker is… a fascinating, wonderful, intricate adventure on the high seas of human nature.”  ~David A. Daniel

(more…)