Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Social Engineering: How to Rob a Bank with a Phone

Chris Cooper
April 28, 2013
Technology
0
170

Social Engineering: How to Rob a Bank with a Phone

A talk on some of the social engineering techniques employed by hackers to obtain confidential information, and why they work so well. Making users aware of these helps them spot an attack taking place.

Presented at Barcamp Canterbury on the 28th Apr 2013.
http://barcampcanterbury.com/

Chris Cooper

April 28, 2013
Tweet

More Decks by Chris Cooper

See All by Chris Cooper
The Digital Hostage: Ransomware in the Workplace
itscooper
0
99
People Security and Social Engineering
itscooper
0
87
Keeping Your Data Secure: A Guide for Human Beings
itscooper
0
180
E-Safety: How technology can protect us from technology
itscooper
0
290
The Cookie Monster (and other web security exploits)
itscooper
2
300
Hacking the Box (Joseph Sheridan)
itscooper
1
260
Breaking Stuff: What Ethical Hacking Has Taught Me
itscooper
1
140

Other Decks in Technology

See All in Technology
チーム開発における自作ESLintルールの活用と戦略
sansantech
PRO
0
270
LOWYAビジネスダッシュボード:DevとBizの共通認識が切り拓く未来
kazumax55
0
110
Janus
bkuhlmann
0
290
Route 53のSLAだけ100%なんだ
motsuhiro131
0
220
Droidknights 2023 - 이상훈 - 기존 앱을 Jetpack Compose로 마이그레이션 하기
dsa28s
3
280
[PHPカンファレンス沖縄2023]【実践編】良いプロダクト作りのための組織育成 健全なコードは健全な組織、健全なチームから
ikezoemakoto
0
160
dojo230914
mitsuakitohei
1
190
「挑戦しなければ障害は生まれない」 社内ポストモーテム共有会について
sheep_san_white
0
360
hacomonoポストモーテムの取り組み(2023/09)
hacomono
1
480
Mutating Meetup with GraphQL
adavis
1
120
Jetpack Glanceではじめる Material 3のColor
mochico
0
540
アジャイルな組織を作るために開発チーム作成ガイドを書いた話 / Scrum Fest Mikawa 2023
ama_ch
3
1.5k

Featured

See All Featured
The Language of Interfaces
destraynor
149
22k
No one is an island. Learnings from fostering a developers community.
thoeni
14
1.8k
Code Review Best Practice
trishagee
53
13k
Building Applications with DynamoDB
mza
87
5.2k
RailsConf & Balkan Ruby 2019: The Past, Present, and Future of Rails at GitHub
eileencodes
123
30k
Refactoring Trust on Your Teams (GOTO; Chicago 2020)
rmw
24
1.9k
Visualizing Your Data: Incorporating Mongo into Loggly Infrastructure
mongodb
33
8.5k
Distributed Sagas: A Protocol for Coordinating Microservices
caitiem20
318
20k
The Success of Rails: Ensuring Growth for the Next 100 Years
eileencodes
26
5.5k
Bootstrapping a Software Product
garrettdimon
PRO
299
110k
Navigating Team Friction
lara
177
12k
Debugging Ruby Performance
tmm1
68
11k

Transcript

  1. SOCIAL
    ENGINEERING
    HOW TO ROB A BANK WITH A PHONE

    View Slide

  2. Scene # 1 Pumpkin & Honey Bunny

    View Slide

  3. Scene # 1 Pumpkin & Honey Bunny
    I heard about this
    one bloke who walks
    into a bank with a
    portable phone...

    View Slide

  4. @itscooperful

    View Slide

  5. PHYSICAL
    DATA SOCIAL

    View Slide

  6. SOCIAL TESTING
    Remote
    Onsite
    emails/phone calls
    physical
    infiltration

    View Slide

  7. OBJECTIVE:
    Convince the target to do
    something they wouldn’t
    usually do.

    View Slide

  8. HOW?
    Trigger the desired
    behaviour as an emotional
    response.

    View Slide

  9. invented scenario
    PRETEXTING
    blagging
    AKA
    legitimacy & emotion
    RESEARCH + IMPERSONATION

    View Slide

  10. Phishing
    include a pretext
    EMAIL / PHONE
    passwords
    credential
    ask / change
    harvesting

    View Slide

  11. BAITING
    Trojan Horse
    curiosity
    helpfulness
    greed

    View Slide

  12. RESTRICTED
    PHYSICAL
    ACCESS
    tailgating
    lunch breaks
    smokers’ door
    heavy boxes

    View Slide

  13. Robbing a Bank?

    View Slide

  14. @itscooperful
    THE
    END

    View Slide