Chapter 1. A Look into the World of Social Engineering
If you know the enemy and know yourself you need not fear the results of a hundred battles.
——SUN TZU
Social engineering (SE) has been largely misunderstood, leading to many differing opinions on what social engineering is and how it works. This has led to a situation where some may view SE as simply lying to scam trivial free items such as pizza or obtaining sexual gratification; others think SE just refers to the tools used by criminals or con men, or perhaps that it is a science whose theories can be broken down into parts or equations and studied. Or perhaps it's a long-lost mystical art giving practitioners the ability to use powerful mind tricks like a magician or illusionist.
In whatever camp your flag flies, this book is for you. Social engineering is used every day by everyday people in everyday situations. A child trying to get her way in the candy aisle or an employee looking for a raise is using social engineering. Social engineering happens in government or small business marketing. Unfortunately, it is also present when criminals, con men, and the like trick people into giving away information that makes them vulnerable to crimes. Like any tool, social engineering is not good or evil, but simply a tool that has many different uses.
Consider some of these questions to drive that point home:
Have you been tasked ...