The Power of the Ultimate Social Engineer

For over two years, we have been analyzing all types of people from all sorts of fields.  We have dissected their methods, philosophies, and their careers to see what we can learn about them; to see how to enhance our social engineering skills and deepen our understanding of human nature.

This month, we devote the newsletter to a very special individual  Brad “The Nurse” Smith. For those of us that know Brad, it probably didn’t take long before a huge smile subconsciously appeared on your face just thinking about your last interaction.  For those of us that do not know him, let me tell you a little about Brad.

Brad is an older gentleman, average size, with longer silver hair.  He is an avid student of NLP, Social Engineering, and the human psyche.  You can tell too. The way he talks is very controlled, calm, and always listening more than talking.  He knows how to make you feel like you are not only important, but the most important person in the room. Brad’s deeper, low toned voice is soothing to the listener and his calm demeanor makes you feel at ease right away.

the ultimate social engineer

Just a few days ago, Brad was slated to give a speech at Hacker Halted in Miami, Florida, USA.  While getting up for his speech and going on stage, he suffered a hemorrhagic stroke.  I am no doctor , but what I have been told is this type of stroke is caused by a blood vessel bursting in your brain.

Quickly, Leonard Chin, from Hacker Halted, called 911 and got him to the local hospital, Jackson Memorial.  Brad was rushed to surgery and the blood clot was removed; however, brad was left in the ICU in a coma.

What does all of this have to do with Social Engineering?  It was only a matter of hours and what I personally saw happen convinced me of the power of rapport.  People like Ping Look from Black Hat, Leonard Chin from Hacker Halted, Jason Kobes, DevAuto, the crew at Social-Engineer.Org, and many more, just jumped into action to help out.  A few hours later, when I thought I couldn’t be more amazed, I was. We set up a quick and dirty donation page to help collect money to cover the expenses that Brad and his wife were incurring from travel, hotels, hospital bills, and more.

Now think of this, on a site called SOCIAL-ENGINEER.ORG we have a button that says “give us your credit card numbers and donate money.” I was convinced that a few donations would come in from the people that know we are about education and not scamming.  What I didn’t expect was after only 2 days, seeing over $6000 USD in donations! Guys like tuna and Sequel7 helping find Nina (Brad’s wife) a place to stay. Companies like Core Securities and organizations like Black Hat providing front page banners and donations.

Why would strangers do this?

During the donation process, the donor has the choice to add a note. Here are some of them:

  • We love you Brad.
  • Brad and I chatted for the first time at BlackHat 2010. He’s been a fixture forever, so I knew who he was, but had no expectation that he knew me. Didn’t matter, just chatted like we were old friends. Thanks, man. Get better and see you at DC2012.
  • God bless Brad the Nurse and his family. One Good Dude.
  • I was in Brad’s class when the incident happened. Brad does not know me personally but I have been following him for a long period of time and this is very sad. Most of my friends are close friends of Brad and we will all pray for his well-being. I wish you strength in those very harsh moments and we will pray for him.
  • Brad is a great man, and a great friend. He and his family are in our thoughts.
    Get well. Our community hurts when one of our own is down. Never met you, but you and your family are in my thoughts. Wish I could donate more.
  • I know it’s been a while since you both heard from me (and I moved from Montana almost six years ago now), but I still remember you fondly!…and my heart and thoughts are with both of you during this time. Hang in there. I just know Brad is made of tough stuff and he’ll be back with us soon.
  • Brad, you have been a true source of knowledge and encouragement.  You have taught me, mentored me and I pray for your quick recovery.  I cannot wait to meet you amazing wife.  Hang in there buddy.  I hope what I have tried to do here makes you happy and feel the love that we all feel for you.
  • Social-Engineer — Thanks for doing this to help them! Brad and Nina, hang in there. I wish you peace and strength.
  • Godspeed and prayers Brad and family. I’ve never met you, perhaps have seen you at con, and if it means anything, I forgot all training and paranoia and followed a link from the Social Engineer.org website to Paypal (!!) and typed in credit, address, phone and email information.

 

What could possibly motivate people from all over the world to donate their hard earned money to a person they may not know very well or have seen at the cons?  This is one of those aspects of social engineering we have discussed in detail over the years.  It involves building a strong bond and rapport.  My partner in the Social Engineering for Penetration Testers course wrote a new book entitled, Its Not all About Me, which covers the top ten techniques for building rapport.

Brad is living personification of all ten of those techniques.  The “proof is in the pudding.” A community of thousands is behind him and his wife with prayers, positive thoughts, time, effort, money and support because of the way he made us all feel.

What’s the main lesson in all this? Truly caring for other people, making what is important to them important to you, and being a great listener creates bonds that transcend a community, a conference, or a speech.

While we often focus on how social engineering skills can be used to break into companies or otherwise obtain information that is supposed to be protected, Brad demonstrates the positive aspects of these skills, and shows how they can be put to good use. Brad uses social engineering skills and techniques not to deceive, but to better communicate and build relations with others. He does not do this for personal gain, but because he cares about people to such an extent that this becomes his way of making sure everyone understands how important they are to him. Brad is an example of everything that is positive about social engineering and our community in general. We are proud to be there when he and his wife are in need.

If you would like to contribute to help Brad out, please visit https://www.social-engineer.org/bradsmithdonation/.

Written by:  Christopher Hadnagy