August 2013 Newsletter 

Vol. 04 Issue 47  

In this issue

  • Deception in Social Engineering
  • Social-Engineer News
  • Upcoming Classes
  • What's coming...
  • Social Engineering Penetration Tests

Social-Engineer News 

We feel like we have been run over by a bus, hit by a truck then dragged through some tar pits... Ah, yes Def Con must be over. What an amazing show. The brand new Social-Engineer Village was a huge hit. Apollo Robbins anyone? Kevin Mitnick? Dave Kennedy? Jordan Harbinger? umm Will Smith???? The SECTF and the SECTF4KIDS... what the heck just happened? Stay tuned for more news. We just need to get through recovery and rehab.


    The team at Social-Engineer is really excited to announce our brand new service - The Social-Engineer Mastermind Group.  For more info click below:

    As a member of the newsletter you have the option to OPT-IN for special offers.  You can click here to do that.

    Check out the schedule of upcoming training on


    2014 Schedule Coming Soon

    We are limiting the number of attendees in each class to 22 and under, so first come first serve.

    • 5 days of ground breaking training (4 Days for Black Hat)
    • The Social Engineering Penetration Testing Course guide
    • Special tools to enhance your SE practice
    • A Chance to take the first ever Social Engineering Pentesting Certification
    • Lots more

    If you want to ensure your spot on the list register now - Classes are filling up fast and early!

    Do you like FREE Stuff?

    How about the first chapter of Chris Hadnagy's Best Selling Book:  Social Engineering: The Art of Human Hacking?

    If you do, you can register to get the first chapter completely free just go over to to download now! 

    If you no longer want awesome social engineering information you can Unsubscribe from this Newsletter

    Check out the awesome music of Dual Core - IT geek, Rapper and all around awesome guy...

    To contribute your ideas or writing send an email to

     What's coming up..

    If you want to listen to our past podcasts hit up our Podcasts Page and download the latest episodes.

    Want to say thank you to our sponsors this month

    - Spy Associates for continually giving us some awesome products to test out.

    - The EFF for supporting freedom of Speech

    A special thanks to our Editor:
    John 'J' Trinckes, Jr

    Check out Robin Dreeke's amazing book called "Its Not All About Me" packed with the top 10 techniques to building rapport fast. It is an awesome book!




    Spinning Your Web: Deception and the Social Engineer

    A tiny arachnid that is a master of deception has been discovered by naturalist Phil Torres at the Tambopata Research Center in Peru. The spider, most likely a new species, builds a larger decoy in its web using pieces of leaves and debris. It then shakes the arranged bits to possibly discourage and defend against predators. Although other spiders in the Cyclosa genus have been documented displaying less complex decoy-building behavior, this deceptive creature's ploy is unique. This i s an exotic example of animal behavior, but it is an interesting place to begin a discussion about the use of deception.

    What is deception?

    Making something (a situation, a person, etc.) appear to be what it’s not is a useful and necessary tool for social engineers. From the telling of outright falsehoods to the more subtle use of omissions or even props to communicate a specific message, deception can come in many forms. It is the responsibility of the social engineer to manage that communication, keeping in mind the overall goal of influencing the target. Intent plays a major role in how and when we employ deception. At Social-Engineer, Inc., we always stress the importance of making sure your target feels better for having met you. This tends to be a wise business decision and good rule of thumb in human relationships. Clearly, the method you choose for deception can make a huge difference in how the target feels once the engagement is complete.

    Deception For Sale

    Paladin Deception Services is a Minnesota-based company that promotes it services to lie and deceive others for their customer's gain. Timothy Green is the founder and a former private detective who believes that people benefit greatly from having an ally; not only to lie for them, but to corroborate falsehoods that may help others achieve some desired goal. False job references, vacations disguised as sick days, and lies about skills and aptitude are some of Green's previous work. Although the legitimacy of such a company will always be called into question by some, Green does appear to offer these services to those willing to pay the fees.

    In another example of a blatant lie, two Connecticut men claiming to have a gun, kidnapped another man demanding that he accompany them to a bank and open his safety deposit box to repay a debt. The assailant that had claimed to have a gun was caught as the robbery was underway. He did not have a weapon.

    In an amusing (and less malicious illustration), young women in China are apparently advised to wear stockings that are designed to appear as if the wearer has incredibly hairy, unshaven legs. ‘Anti-pervert’ hairy stockings are apparently popular in China according to the NY Daily News. As you can imagine, this is definitely a nicer way of rejecting unwanted advances than a swift kick to the face.

    Deception as a Social Engineer

    Assuming one of our priorities as social engineers is to be able to continue a relationship with our target despite the use of deception, here are some things to understand about human nature:

    - People can and do deceive themselves. A recent study concluded that people’s expectations about cause and effect are so strong it can overcome what their eyes tell them. In another fascinating study, researchers were able to get half of their participants to falsely recall a hot air balloon ride from childhood by exposing them to faked pictures (Wade, K.A., Garry, M., Read, J.D., Lindsay, D.S. (2002) A picture is worth a thousand lies: Using false photographs to create false childhood memories. Psychonomic Bulletin & Review, 9 (3), 597-603). Research has proven time and again that people often change their perception of reality based on a number of factors, often as a response to external influence.

    Once people step over the behavioral barrier and commit an action however small (for example, help you pick up dropped documents or provide a small piece of information), they will be more likely to continue down that path. This was demonstrated in an interesting study in which it was discovered that people are significantly more likely to allow strangers intrusive access to their homes after they had already answered some simple questions on the phone (Freedman, J.L., Fraser, S.C., (1966) Compliance without pressure: The foot-in-the-door technique. The Journal of Personality and Social Psychology, 4 (2), 195-202).

    Interesting research, but how does this translate to something you can use? Consider that knowledge about these two small aspects of human behavior can dramatically affect your choices for how you employ deceptive techniques. Understand that it rarely takes more than a nudge with a good pretext to obtain your goal; the blatant telling of falsehoods can be unnecessary. This, in turn, will affect how the target feels both during and after an engagement, and their willingness to continue a relationship with you. If you become a master of human behavior, you will become a master of deception and through time and effort the ultimate social engineer…like our friend spinning his web in the Peruvian jungle.

    Written by: Michele "sn8kebyte" Fincher


    We want to thank the sponsors for the Defcon 21 SECTF





    As part of the newsletter group, you will be the first to receive special offers to services and products by Social-Engineer.Com.


    Also check out our friends at: