February 2014
Intermediate to advanced
256 pages
5h 1m
English
book
Unmasking the Social Engineer: The Human Element of Security
by Christopher Hadnagy, Paul Kelly F., Paul Ekman
Content preview from Unmasking the Social Engineer: The Human Element of SecurityBecome an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.
Chapter 8
The Nonverbal Side of Elicitation
Feelings are much like waves: we can't stop them from coming, but we can choose which ones to surf.
—Jonathan Martensson
I define elicitation as the act of getting information from someone without asking for it directly. This doesn't mean you don't ask questions, and it doesn't mean you don't ask for information. Military and intel folks, living acronyms, often joke about “ASKINT”—Ask Intelligence: “If you ask them, they will tell you!” It's all about how you ask about or around the issue. It means you employ techniques to gather this information from people. I usually refer to the techniques in Robin Dreeke's book It's Not All About “Me”: The Top Ten Techniques for Building Quick Rapport with Anyone. In that book, Dreeke outlines 10 principles for building rapport with anyone; these are the keys to elicitation:
- Artificial time constraints: Using simple phrases—such as “Can I ask you a quick question?” or “I have to leave in five minutes, can I ask you a quick question?”—leaves the subject feeling more friendly about talking with you.
- Accommodating nonverbals: If you're saying that you're worried or sad and you're showing fear or anger in your nonverbals, then the subject will feel that incongruence. They may not understand why, but the red flags go up, and they feel uneasy. It is important that our nonverbal displays match the story.
- Slower rate of speech: The faster we talk the more prone we are to error, the more we sound like we ...
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Read now
Unlock full access
More than 5,000 organizations count on O’Reilly
O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.Julian F.
I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.Addison B.
I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.Amir M.
I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.