Newsletter    

Volume 02 Issue 26     

 

In this issue

  • The Power of the Ultimate Social Engineer
  • The Monthly News
  • What's coming...

Social-Engineer News

Social-Engineer.Com has launched their Social Engineer Penetration Testers course. It is literally the first of it's kind. As a subscriber to the newsletter you are getting first dibs on knowing where and what is happening.

WE ARE NOW REGISTERING SEATS AND TAKING PAYMENTS!

We have chosen to hold the class March 5-9 2012 in the Seattle Area. As well as a class in April 9th in the UK. We are limiting each class to 25 or under people and it is first come first serve.

  • 5 days of ground breaking training
  • The Social Engineering Penetration Testing Course guide
  • Special tools to enhance your SE practice
  • A Chance to take the first ever Social Engineering Pentesting Certification
  • Lots more

If you want to ensure your spot on the list send register now to save your spot.
 



There is a new edition of the Social Engineering: The Art of Human Hacking. The first edition is no longer being sold, so if you have a copy - there is a new edition that contains some updated pics to chapter 5 and 6. The content is the same.


If you haven't had a chance to yet vote, head over to this months Social-Engineering Poll and give us your opinion.
 


UNSUBSCRIBE by sending an email to [email protected]




Check out the awesome music of Dual Core - IT geek, Rapper and all around awesome guy...


To contribute your ideas or writing send an email to [email protected]




What's coming up..

If you want to listen to our past podcasts hit up our Podcasts Page and download the past episodes.

Want to say thank you to our sponsors this month

- Spy Associates for continually giving us some awesome products to test out.
- The EFF for supporting freedom of Speech
- Want a very cool website? Check out Social-Engineer.Org's graphic and web dev at Tick Tock Computers.
- Offensive Security for their continual Support. Are you looking for world class security training? Offensive Security has live classes scheduled now. Sign up before they fill up!


A special thanks to our Editor:
John 'J' Trinckes, Jr

Check out Robin Dreeke's new amazing book called "Its not all About me" packed with the top 10 techniques to building rapport fast. It is an awesome book!

 

The Power of the Ultimate Social Engineer

For over two years, we have been analyzing all types of people from all sorts of fields.  We have dissected their methods, philosophies, and their careers to see what we can learn about them; to see how to enhance our social engineering skills and deepen our understanding of human nature.

This month, we devote the newsletter to a very special individual – Brad “theNurse” Smith. For those of us that know Brad, it probably didn’t take long before a huge smile subc onsciously appeared on your face just thinking about your last interaction.  For those of us that do not know him, let me tell you a little about Brad.

Brad is an older gentleman, average size, with longer silver hair.  He is an avid student of NLP, Social Engineering, and the human psyche.  You can tell too. The way he talks is very controlled, calm, and always listening more than talking.  He knows how to make you feel like you are not only important, but the most important person in the room. Brad’s deeper, low toned voice is soothing to the listener and his calm demeanor makes you feel at ease right away.

Just a few days ago, Brad was slated to give a speech at Hacker Halted in Miami, Florida, USA.  While getting up for his speech and going on stage, he suffered a hemorrhagic stroke.  I am no doctor , but what I have been told is this type of stroke is caused by a blood vessel bursting in your brain.

Quickly, Leonard Chin, from Hacker Halted, called 911 and got him to the local hospital, Jackson Memorial.  Brad was rushed to surgery and the blood clot was removed; however, brad was left in the ICU in a coma.

What does all of this have to do with Social Engineering?  It was only a matter of hours and what I personally saw happen convinced me of the power of rapport.  People like Ping Look from Black Hat, Lenoard Chin from Hacker Halted, Jason Kobes, DevAuto, the crew at Social-Engineer.Org, and many more just jumped into action to help out.  A few hours later, when I thought I couldn’t be more amazed, I was. We set up a quick and dirty donation page to help collect money to cover the expenses that Brad and his wife were incurring from travel, hotels, hospital bills, and more.

Now think of this, on a site called SOCIAL-ENGINEER.ORG we have a button that says “give us your credit card numbers and donate money”. I was convinced that a few donations would come in from the people that know we are about education and not scamming.  What I didn’t expect was after only 2 days, seeing over $6000 USD in donations! Guys like tuna and Sequel7 helping find Nina (Brad’s wife) a place to stay. Companies like Core Securities and organizations like Black Hat providing front page banners and donations.

Why would strangers do this?

During the donation process, the donor has the choice to add a note. Here are some of them::
•    We love you Brad.
•    Brad and I chatted for the first time at BlackHat 2010. He's been a fixture forever, so I knew who he was, but had no expectation that he knew me. Didn't matter, just chatted like we were old friends. Thanks, man. Get better and see you at DC2012.
•    God bless Brad the Nurse and his family. One Good Dude.
•    I was in Brad's class when the incident happened. Brad does not know me personally but I have been following him for a long period of time and this is very sad. Most of my friends are close friends of Brad and we will all pray for his well-being. I wish you strength in those very harsh moments and we will pray for him.
•    Brad is a great man, and a great friend. He and his family are in our thoughts.
•    Get well. Our community hurts when one of our own is down. Never met you, but you and your family are in my thoughts. Wish I could donate more.
•    I know it's been a while since you both heard from me (and I moved from Montana almost six years ago now), but I still remember you fondly!...and my heart and thoughts are with both of you during this time. Hang in there. I just know Brad is made of tough stuff and he'll be back with us soon.
•    Brad, you have been a true source of knowledge and encouragement.  You have taught me, mentored me and I pray for your quick recovery.  I cannot wait to meet you amazing wife.  Hang in there buddy.  I hope what I have tried to do here makes you happy and feel the love that we all feel for you.
•    Social-Engineer -- Thanks for doing this to help them! Brad and Nina, hang in there. I wish you peace and strength.
•    Godspeed and prayers Brad and family. I've never met you, perhaps have seen you at con, and if it means anything, I forgot all training and paranoia and followed a link from the Social Engineer.org website to Paypal (!!) and typed in credit, address, phone and email information.

What could possibly motivate people from all over the world to donate their hard earned money to a person they may not know very well or have seen at the cons?  This is one of those aspects of social engineering we have discussed in detail over the years.  It involves building a strong bond and rapport.  My partner in the Social Engineering for Penetration Testers course wrote a new book entitled, “Its Not all About Me”, (see link on the sidebar) which covers the top ten techniques for building rapport.

Brad is living personification of all ten of those techniques.  The “proof is in the pudding”. A community of thousands is behind him and his wife with prayers, positive thoughts, time, effort, money and support because of the way he made us all feel.

What’s the main lesson in all this? Truly caring for other people, making what is important to them important to you, and being a great listener creates bonds that transcend a community, a conference, or a speech.

While we often focus on how social engineering skills can be used to break into companies or otherwise obtain information that is supposed to be protected, Brad demonstrates the positive aspects of these skills, and shows how they can be put to good use. Brad uses social engineering skills and techniques not to deceive, but to better communicate and build relations with others. He does not do this for personal gain, but because he cares about people to such an extent that this becomes his way of making sure everyone understands how important they are to him. Brad is an example of everything that is positive about social engineering and our community in general. We are proud to be there when he and his wife are in need.

If you would like to contribute to help Brad out, please visit http://www.social-engineer.org/bradsmithdonation/.

written by:  Christopher Hadnagy

 


 

Looking for Professional Social Engineering Services?

Social-Engineer.Org is branching out with our new website www.Social-Engineer.Com


We are providing some of the following services:
 

  • Social Engineering Pentests
  • Social Engineering Risk Assessments
  • Social Engineering Training for Pentesters
  • Professional Information Gathering Services

 For more information on any of the above or how we might be able to help you protect your company from malicious social engineers contact us at: [email protected]