This chapter reminded me of an episode of a favorite show of mine, curb your enthusiasm. There was an example in the book of how the social engineer caused a problem, and then fixed the problem, in order to build trust with his victim. In the episode of curb, the main character Larry David wants to get back together with his wife who recently left him. The only problem is that she takes advice from her psychologist who thinks it’s a bad idea for her to get back together with Larry. So now Larry must think of a way to get the psychologist to like him. He decides to have a friend of his pretend to steal the psychologists purse while Larry would be waiting behind a tree to pop out, stop the thief and return the purse to the grateful psychologist. Larry set up this whole burglary in order to gain the trust of someone that he needed.
Although in the episode the plan doesn’t work, obviously these types of scams work all the time in the social engineering world. These types of attacks seem hard to stop and I’m not really sure how to protect against them. You must be suspicious of those that seem to pop up immediately after something bad happens. Kind of like in the Godfather when before Don Corleone died he warned his son Michael that the first one to approach him at the funeral would be the traitor.
2 comments:
But it's so tiring be suspicious all the time! If we questioned everyone who offered to help us after something bad happened pretty soon noone would ever want to help us. Next time my computer crashes and the secretary comes over to see if she can help I'm going to accuse her of causing it to get something from me. Ha, we'll see how that goes over.
I agree that fabricated actions to build trust would be extremely difficult to discern. I don't think I am skeptical enough to question the actions of someone who I felt did a good deed.
Post a Comment