Hjem

Foreword xiii Preface and Acknowledgments xvii 1 A Look into the World of Social Engineering 1 Why This Book Is So Valuable 3 Overview of Social Engineering 9 Summary 21 2 Information Gathering 23 Gathering Information 26 Sources for Information Gathering 33 Communication Modeling 43 The Power of Communication Models 53 3 Elicitation 55 What Is Elicitation? 56 The Goals of Elicitation 58 Mastering Elicitation 74 Summary 76 4 Pretexting: How to Become Anyone 77 What Is Pretexting? 78 The Principles and Planning Stages of Pretexting 79 Successful Pretexting 91 Summary 99 5 Mind Tricks: Psychological Principles Used in Social Engineering 101 Modes of Thinking 103 Microexpressions 109 Neurolinguistic Programming (NLP) 136 Interview and Interrogation 143 Building Instant Rapport 162 The Human Buffer Overflow 172 Summary 178 6 Influence: The Power of Persuasion 181 The Five Fundamentals of Influence and Persuasion 182 Influence Tactics 187 Altering Reality: Framing 215 Manipulation: Controlling Your Target 233 Manipulation in Social Engineering 248 Summary 256 7 The Tools of the Social Engineer 259 Physical Tools 260 Online Information-Gathering Tools 279 Summary 297 8 Case Studies: Dissecting the Social Engineer 299 Mitnick Case Study
1: Hacking the DMV 300 Mitnick Case Study
2: Hacking the Social Security Administration 306 Hadnagy Case Study
1: The Overconfident CEO 310 Hadnagy Case Study
2: The Theme Park Scandal 317 Top-Secret Case Study
1: Mission Not Impossible 322 Top-Secret Case Study
2: Social Engineering a Hacker 329 Why Case Studies Are Important 337 Summary 338 9 Prevention and Mitigation 339 Learning to Identify Social Engineering Attacks 340 Creating a Personal Security Awareness Culture 341 Being Aware of the Value of the Information You Are Being Asked For 344 Keeping Software Updated 347 Developing Scripts 348 Learning from Social Engineering Audits 348 Concluding Remarks 354 Summary 361 Index 363