Skip to Content
Social Engineering: The Art of Human Hacking
book

Social Engineering: The Art of Human Hacking

by Christopher Hadnagy
December 2010
Beginner content levelBeginner
404 pages
11h 8m
English
Wiley
Content preview from Social Engineering: The Art of Human Hacking

9.5. Developing Scripts

One more beneficial thing bears mentioning: develop scripts. Don't cringe; I don't mean scripts in the sense that the employee must say X if a situation equals A plus B. I am talking about outlines that help an employee be prepared to use critical thinking when it counts the most. Consider these scenarios:

What is the proper response when someone who claims to work for the CEO calls and demands your password? What do you do when a guy who has no appointment but looks and acts the part of a vendor demands access to a part of the building or property?

Scripts can help an employee determine the proper response during these circumstances and help them feel at ease. For example, a script may look like this:

If someone calls and claims to be from the management office and demands compliance of either handing over information or internal data, follow these steps:

  1. Ask for the person's employee ID number and name. Do not answer any questions until you have this information.

  2. After getting the identifying information, ask for the project ID number related to the project he or she is managing that requires this information.

  3. If the information in steps 1 and 2 is successfully obtained, comply. If it's not, ask the person to have his or her manager send an email to your manager requesting authorization and terminate the call.

A simple script like this can help employees know what to say and do in circumstances that can try their security consciousness. ...

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Start your free trial

You might also like

Hacking: The Art of Exploitation, 2nd Edition

Hacking: The Art of Exploitation, 2nd Edition

Jon Erickson
Practical Malware Analysis

Practical Malware Analysis

Michael Sikorski, Andrew Honig
Ethical Hacking

Ethical Hacking

Daniel G. Graham

Publisher Resources

ISBN: 9780470639535