Christina Lekati

Christina Lekati is a psychologist, a social engineer and an open-source intelligence analyst.
She specializes in behavioral analysis and in intelligence collection and analysis through open source and human intelligence.

Christina has participated among other things in penetration tests, in trainings to companies and organizations, in vulnerability assessments, and in profiling and analysis of the modus operandi, and in the process of identifying personality traits, behavioral tendencies, and other variables of victims and offenders.

Christina is working with Cyber Risk GmbH as a social engineering specialist and an open source intelligence investigator for the vulnerability assessments conducted on corporations and high-value targets. She is the main developer of the social engineering training programs provided by Cyber Risk GmbH. Those programs are intertwining the lessons learned from real life cases and previous experiences with the fields of cybersecurity, psychology, and counterintelligence.

She is also an active Advisory Board Member at the OSINT Curious project.

Title: “Judging by the Cover: Profiling & Targeting Through Social Media”

While to the rest of the world social media are friendly platforms of communication and sharing, for the fellow social engineers and OSINT analysts, they are targeting and information harvesting platforms. Even though social media do not always demonstrate our true personalities, they do demonstrate the way we want to be viewed and treated by others – which can be a lot more useful for social engineers. They also “leak” behavioral tendencies and characteristics that provide significant intelligence for any type of operation targeting humans.

The talk covers the topic of information gathering through social media intelligence (SOCMINT), and explains how even seemingly innocent information can be used to manipulate or influence targets. Case studies will be provided.

It will also discuss the art & science of profiling, along with its limitations for social engineering engagements. A two-part demonstration is included on how a profiler’s mind works when harvesting information on social media:

The first part includes real examples of posts that expose vulnerabilities, attract attackers and ultimately can be exploited and lead to security breaches.

The second part dives deeper and demonstrates how the information found on a social media profile (from their pictures to the words used by the individual) are gathered, categorized into a profiling matrix and then analyzed, bringing into the surface a personality profile. The target’s profile can then provide actionable intelligence that increases the success of attacks, or attack simulations.