The Science Behind Neuro-Linguistic Hacking:  Microexpressions

For the last couple months I have been writing about neuro-linguistic hacking as our research indicates that successful social engineers are using these principles to manipulate their targets to taking an action that they desire them to take.  

I broke down NLH into three aspect, vocal tones, body language and microexpressions.  I then went through each to describe how each of them worked from a social engineering standpoint.  The power in all of this is still under research but there are dozens of scientists looking into many aspects of how these things influence those around us.

Each month we ask for those who read our newsletter and listen to our podcast to send in their thoughts and anything else they would like to see.  Last month I think I piqued many peoples interest because we had a slew of requests pour in asking for more information about microexpressions.  This month I want to cover one aspect of ME’s that will enhance your practice of social engineering.

Defining Microexpressions
One of the things I wanted to do first off was to make sure we are all on the same page when it comes to microexpressions.  A microexpression as researched by some of great minds in this science like Dr. Paul Ekman, is a involuntary muscular movement in response to an emotional stimuli.  Because they are involuntary and related to emotion they last only a brief period of time, like 1/25th of second.

Now with that being said, the same emotions displayed in a microexpression can be displayed in what is called a macroexpression, or one lasting for a few seconds. Now imagine being able to decipher the emotion that a target is feeling, despite what they say to you, and being able to solidify that by what their vocal tones and body language is saying then alter that emotional state based on your own controlled expressions.

How to Gain that Control
Many of the questions that came in last month where geared towards how to gain control over your own microexpressions and how to read others. As social engineers, penetration testers or just security enthusiasts this idea intrigues us.  But it is not an easy talent to obtain and literally, unless you are what they call a natural, a person who needs no training to read microexpressions, can take years to perfect this skill. 

That does not mean there is no hope for you and I, there are some excellent tools we can use to practice our abilities to see and then decode microexpressions.  Before I go any further, I would like to make a quick disclaimer.

Learning to read microexpressions does not make you a mind reader.  You may learn what emotion someone is displaying, you may learn when someone gives you a fake smile and you may learn to when someone is trying to deceive you, but this does not make you a mind reader.  It doesn’t enable you to know why they felt the emotion they displayed.  Unless you combine this talent with elicitation or other social engineering skills it can be really hard to determine why a target feels a certain emotion.

Ok now that is out of the way, lets delve into how you can practice teaching yourself to read these expressions.  Dr. Ekman recommends that first we learn to manually produce each of these expressions in a mirror.  Personally, I used his book, Emotions Revealed, to learn the basics.  In this book Dr. Ekman promotes grabbing a mirror and then practicing the muscular movements of each expression until you can generate the emotion.

Recently, the TV show Lie To Me (on Fox network)

, which was partially prompted and based on work by Dr. Ekman, has made ME’s mainstream.  Figure 1 is an image of the 7 base microexpressions and the keys to recreating them as well as an example of how they will look.


Figure 1 – Microexpressions in use

 (Larger image can be found on our website.)

Personally, after I read Dr. Ekman’s books, I was so fascinated by ME’s I decided to contact Dr. Ekman to further my research and I was able to receive some training from him about how to practice making, reading, and decoding facial expressions. 

The training is devised in a very intelligent way.  First, you take a pretest that tests your natural abilities to see and detect ME’s.  Then you sit through the training and learn about each ME, how it is made and see it many times in slow motion and full speed.  After you feel ready you take a secondary test and see your improvement. The training can be found at Dr. Ekmans website

Dr. Ekman has added not only his main training but also new training for recognizing subtle microexpressions.  This training is revolutionary in the way it helps people to be able to use this extraordinary talent to recognize the emotions people are displaying but not able to speak about.

Why Good for Social Engineers
As a social engineer why is this useful?  The first step in being able to utilize NLH is to understand the underlying principles and science that makes up the components of NLH.

In the end being able to read ME’s on a target can enhance your ability to successfully understand your target and what they are feeling about what you are saying.  But much more than that is the ability that ME’s give you to control the emotions of the target.  In essence, as I discussed a couple newsletters ago, being able to cause an emotion in the target by displaying the ME on your face.

This is a powerful science that is just now being tapped in the mainstream.  I am glad that we are researching it and delving into this science as a community to learn how we can use it.

Thank you for the excellent questions and requests and I look forward to hearing more. Please continue to send your questions or comments on this topic to me, as I am really enjoying this back and forth.

Till next time.

Written by Christopher Hadnagy

Social Engineering the Press

The Social Engineer Capture the Flag (SECTF) event that we recently held received far more attention then we ever expected. On one hand, this is great as it helped spread awareness of social engineering threats, which was the ultimate goal of the contest. However, it did place team in a somewhat awkward position of dealing with a situation that was quite unexpected.

In the end, we were very happy with the outcome of the press coverage of the event. And through the course of our experiences, we analyzed the way the media dealt with us so we could use this information in a social engineering audit.  We wanted to pass on what we learned. We know that some in the information security community have had negative experiences in the past with the press, with the outcome being they felt as if they were treated unfairly. We hope that something we have learned may help prevent a reoccurrence of those types of situations.

Who are the press?

An important aspect of dealing with the press is knowing exactly who they are. The mistake many people make is not realizing that members of the press are people doing their jobs, complete with deadlines, family issues, preconceptions, and various other outside pressures. Some care deeply about the quality of their work, and others are simply pulling in paychecks. This is the same as any other career, the press is no different.

An important part of the job of anyone in the media is to get readers/viewers/listeners to pay attention. Important but mundane topics don’t help that goal. This is why the old saying “if it bleeds, it leads” is still accurate, stories need to grip the reader, interest them, and give them the desire to come back for more information.

Every media outlet has a demographic they need to sell too, and any of their stories will be focused on the needs of that demographic. In the past, I have been dealing with a member of a local television station who said to me “Our demographic is mothers between the ages of 25 and 40, what aspect of this story will interest them? The rest we are not going to cover.” On one hand it is easy for use to say this is not the way the press should behave, but at the same time when a newsroom needs to pay for itself, like any other business it needs to sell to its primary consumers.
These points can are important and must be kept in mind whenever dealing with member of the press. In summary, they are you have to identify who they are as a people, find the element of interest in the story you are talking to them about, and relate how it matters to their target demographic.

Control the Narrative
It is important when you are dealing with trying to influence the direction on a topic that you engage the target. If it is important to you to get a story covered in the way that you want it to be covered, you have to make yourself available. You need to talk to the press as often as they need to get the facts understood. Hiding from them and complaining about how “they are spinning the story” will not help your goals at all.
Whenever you are trying to influence someone’s point of view, it is important that you control the messaging so that you impact their thought process. The reality is, most people take the easy way out when it comes what to “think” about a topic, and simply listen to the message that someone else feeds them, so long as it makes sense. This also tends to be true to some extent about news stories, as the narrative that is given in early articles about a topic is often echoed in later articles. This initial narrative becomes the “common wisdom”, and will often last until new information of some significance, or an alternative, stronger, is presented.
The inertia provided by that initial narrative is of the utmost importance, and when you are dealing with a topic it is important to define that. Explain the narrative to the person doing the story, telling them what it is. This won’t always be effective, but in many situations where the writer is under a deadline with other work hanging over their head, the narrative you provide is simply less work for them. Water runs down hill, and in most cases people will opt for what proves to be less work. Use that fact to your favor.

Understand that whoever is writing the story is not going to be a subject matter expert on the topic they are covering. Within the information security field, we deal with complex topics that even those with years on the job still struggle to understand, its not fair to expect a member of the press to understand a topic as well as you do. This is actually good, as the press then represents the “average” person that will be coming across the story. The interviewer acts as a early sounding board to make sure that you have your messaging as such that people will understand what you are saying. If you receive a “dumb” question that does not mean the interviewer is stupid, just that you need to do a better job at explaining.

After the First Articles
After the initial round of articles covering a topic hit, it a good chance to take a step back and see how good of job you did communicating your message. Understand, you will not be happy with everything that comes out initially. For instance, in our case for the CTF, many of the reporters we worked with did an amazing job at capturing our message and relaying in their stories. Yet when we saw their titles we were shocked. Things like "Social Engineers release BP's Deepest Secrets" and "Hackers converge on Vegas to hack into fortune 500 companies." where common place. We later found out some facts that helped us understand how and why this happened.

In many circumstancesthe writer you spoke with will not actually write the headline for the story. That is done by their editors, who you never dealt with. The editor has the goal of making the story sound as interesting as possible to ensure that people will read it. In some cases, you may think the actual headline misrepresents what is in the article. This happened to us on a few occasions, and it can be frustrating. In situations where the headline is too over the top, politely follow-up with the reporter explaining you concern and simply asking them to change the headline. They will likely understand, and the worst that can happen is they will say no.
It is important to not just pay attention to what goes wrong in the coverage, but also who covered the topic right. Those reporters that you are happy with are the ones to follow up with later; they are the ones that you call when you have something else to say.

What often happens after an initial round of stories is you will see a couple points that go out that you are not happy with. Follow up with those reporters that did a good job covering the topic and explain to them that you want to clarify a few items. What ever you do, don’t call and complain and insult, accept the fact that you need to do a better job explaining the issue.

In many cases, after a second or third round of stories, interest in the topic will die off. It is important to heavily engage right away to get the message set right in that second round, as you may not get another chance. Press cycles are fickle, and people lose interest quickly. Without something new happening on a topic, there is not really much to say after a second round of stories.

Influence Principles Apply
These basics are important, and really they are the core things to focus on when dealing with the press for the first time. There is no reason to over complicate things, its best just to focus on the fundamentals.

Dealing with the press and controlling the messaging in any situation requires effort. Think about trying to buy a new product for your business, and making the business case for it. Or trying to convince your spouse that this new car is the one you really need to purchase. You need to clearly explain yourself, understand other points of view, and be able to counter arguments.

If you want to see some examples of this in action check out our media page on the social-engineer framework. The concepts of influencing others rely on the same social engineering fundamentals are the same regardless of if they are being applied to the press, implementing a change in the work place, or trying to obtain some confidential information.

Pay attention to the news articles on various tech topics going forward and watch how they arch. You will likely see the initial narrative being set, clarifications, and then a lack of interest. In some other cases you will see what needs to be done to keep a story alive. However, that is possibly another topic for a later time, if there is enough interest. 

Written by James O'Gorman