Core of Human Exploitation: How Does it Work?


(Merozey) #1

Hi, i’ll delve right into this topic and hope it’ll make up for my absence recently, but I have a lot on my plate. I’ll bring up a topic of mine which you know is dear to me. Social-engineering.

**

Overview

**

I’ve seen people online saying social-engineering is something you become, and that you can become an actual social-engineer. As true as that is to an extent, I wouldn’t necessarily say it’s something you become, because if you ask me, i’ll tell you right now that many people already possess this set of skills, they just don’t know of it’s presence, because they dont see it as an exploitation method.

Because, in our daily lives, there are things we don’t want to do (no surprise) and we want a way out of it. It could be anything as an extra shift, a boring dinner, a reunion perahps and so on. So how would one refrain from attending these events? A 'im sick I cant come… sorry* or, “My friend is going into labour” A little over the top, but you know whatever works.

Those are already perfect examples of social-engineering. People realize that in order to achieve their desired result, they need to figure out what the person they need to persuade is ‘vulnerable’ to. (To put it bluntly). I mean, if you texted your friend, “Hey I dont want to go to this boring wedding or dinner, you can just go alone” He would probably respond back with agitation.

So we avoid that with an excuse. This is where I think social-engineering becomes very relevant and interesting, because we as humans realize that people are vulnerable to certain things and topics, and we therefore use those to skip unwanted events.

**

Analyzing your ‘target’

**

When we want to obtain credentials from our target, we need to persuade them. And what do we need to establish in order to persuade them? Trust. This is the core of exploiting people using social-engineering. Social-engineering is built upon human interaction, and that relies upon trust because people wont believe what you tell them if they dont have a certain amount of trust to you.

Call me crazy, but I think it is very important to know your victim when exploiting them. Knowing their values, morals, what they like and dont like in terms of food, sports, tv shows, literally everything. The more you know all of these things, you literally have an insight to their entire life. Thereby being able to know exactly what to say, in what context to say, and maybe even saying it in a certain way to convey your message stronger.

I hope you can follow along, because its very fascinating.

**

Persuasion

**

This concept of human exploitation really comes down to how we as humans are thinking and perceive things. Imagine if humans weren’t easily fooled. A good example of that would be magic. A magicians mission is to make you believe something, and he/she does that by showing your eyes one thing, when in reality the trick is going on elsewhere.

Imagine if we as humans needed further proof to these magic tricks. I mean, we all know it’s a hoax, but yet we leave these shows feeling convinced in a way, because we saw it with our own eyes right in front of us, heck yo might even have been up there to help with the trick.

**

End point

**

So, in order to exploit your victim, you should know literally as much about them as possible. What hobbies they have, sports preferences, favourite tv shows. All of these factors are things you can use in your convincing argument, and with the right context and use of words you’ll seem convincing.

It’s really a big topic, and i’ll definitely be doing more articles on this topic. For the upcoming articles i’ll be jumping to some anonymity, one of my also dear topics.


#2

Great article! Loved reading it! I really forward to anything else you have in store! Perhaps a suggestion but why don’t you make a series on it?! :smile:


(Merozey) #3

Sounds like a good idea ! prolly just too lazy


(Valentine) #4

Interesting perspective. I would love to see more of these type of articles in the near future. But nice article either way.


(oaktree) #5

The true core is Appealing to Emotions.

Start With Why, a TED Talk by Simon Sinek


(Command-Line Ninja) #6

I’ve read Robert Ciladini’s psychology of persuasion, and it works. You just need to plan it correctly. I’ve also found people are more vulnerable when they’re being rushed or are under pressure. If you can invoke a panic or pressure (such through a time limit), then you will likely have a better chance.


#7

Even though I agree with @oaktree, I think that if you’re able to connect with your target, even if it is by a little thing (may that be an emotional connection, a common interest, whatever…), it will make your job a whole lot easier, thus increasing your chance of a successful attack.


(oaktree) #8

I don’t see any disagreement in your statement.


#9

What I meant was that it just doesn’t have to be an emotial connection or, as you mentioned, appeal to ones emotions


(oaktree) #10

@n3xUs: Common interests are derived from mutual happiness resulting from some activity or thing. Thus, it still boils down to emotions.


(Command-Line Ninja) #11

Having common ground is so important as sort of mentally marks the other person as “friend” not enemy. I’ve made friends with people so easily just because I do the same type of work than them.


(Monkey Wrench) #12

And don’t forget interest. I don’t consider it an emotion, but knowing* someone’s interest in something will enable you to model your approach and pinpoint weak points, be it emotional or otherwise.

'* - goes under analysing your target


(system) #13

This topic was automatically closed after 30 days. New replies are no longer allowed.