I’ve been pondering about this, perhaps some people can shed some light.
When social engineers succeed in their engagements, it usually involves building trust with their targets, same with a conman, phishing attacks, etc. Differing levels of what is defined as trust. They engage techniques that build instant rapport. Neuro-linguistic programming (NLP), Hypnotism, you name it, they’ve tried it.
Social-Engineer.org highlighted some uses of NLP in social engineering (Their podcast is really interesting, by the way).
So what exactly are the factors that build trust? How exactly is the human brain wired? I believe many people have read “The Game” by Neil Strauss. While on the surface, it seems like a simple book about how to pick up girls (Trust me… I’ve eavesdropped on enough bus conversations about this book in the past year), it never fails me how people overlook that essentially that book teaches people how to instantly build trust. While this requires a lot of moxie to pull off, the framework and structure works for all gender and purposes and allows a rapport to be built rapidly. While we only see this being applied by a conman, (check YouTube for “The Real Hustlers”) I think we can rapidly see (or have seen) some of these concepts or cons being applied in IT-based attacks.
Contributed by Mike Loh.