The Social-Engineer Podcast

Elizabeth Loftus interview: False-memory research on eyewitnesses, child abuse recovered memories. In this episode, Chris Hadnagy and Ryan MacDougall are joined by distinguished professor: Elizabeth Loftus. Listen in to understand the vulnerabilities in human memories and how they are sometimes exploited. Learn to defend against attacks on your memory and how this info can be applied in the information security industry.  

00:01 – Introduction to Elizabeth Loftus and her research on the malleability of human memory. 

01:41 – Elizabeth's reasoning for researching human memory.  

03:12 – What our faulty memory means for eyewitness testimonies. 

04:20 – How the phrasing of a question can distort someone's memory.  

06:27 – Is it possible to verify the accuracy of a memory? 

10:34 – Trying hard to remember something can sometimes lead to the creation of a false memory. 

11:22 – Elizabeth's experience with the trial of George Franklin. 

14:13 – How can we protect ourselves from having our memories modified? 

14:21 – The similarities between preventing false memories and preventing scams. 

 20:40 – “What the heck is going on in the world of Social-Engineer: COVID Style.” 

Practical Open Source Intelligence For Everyday Social Engineers 

Advanced Practical Social Engineering Training 

The Human Hacking Conference - Orlando, FL March 11-13, 2021 

2021 Training Schedule 

Book: Human Hacking: Win Friends, Influence People, and Leave Them Better Off for Having Met You 

Website: social-engineer.com 

Website: social-engineer.org 

25:43 – How hypnosis therapy often generates false memories.  

30:21 – How to protect yourself from having your memories altered. 

32:58 – The prevalence and impact of misinformation on social media. 

38:30 – Elizabeth’s website, Ted Talk and books. 

Elizabeth F. Loftus’ UCI School of Social Ecology Website 

Ted Talk at TedGlobal 2013 

Books by Elizabeth 

39:44 – Elizabeth’s book recommendations. 

Mistakes Were Made (but Not by Me) 

41:50 – Outro  

Social-Engineer.org   

Newsletter 

Framework 

Blog 

Social-Engineer.com   

The Innocent Lives Foundation   

The Innocent Lives Foundation on Twitter 

The Human Hacking Conference  

The Human Hacking Conference on Twitter  

Human Hacking Book 

Chris on Twitter   

Social-Engineer on Twitter  

Social-Engineer on Facebook 

Social-Engineer on LinkedIn 

Social-Engineer on Instagram  

Social-Engineer on Slack 


Jonathan Miller In this episode, Chris Hadnagy, Shelby Dacko and Jonathan Miller discuss many ways to improve your skills as a communicator. Learn the importance of observing the information your own body gives you. Hear their experiences with being amygdala hijacked, and how you can have your own superhero moment 

00:07 – Introduction to Shelby Dacko, Human Risk Analyst for Social-Engineer. 

00:44 – Introduction to Jonathan Miller and his experience resolving conflict without violence.  

02:06 – How to focus on nonviolent communication in violent circumstances 

04:18 – How to engage in productive conversation by respecting other’s opinions.  

06:24 – Become a better communicator by paying attention to introspective sensations. 

10:33 – How a 1984 GMC Vandura and a potato helped Jonathan become a communications expert. 

14:48 Why most people pay no attention to the way they communicate. 

18:58 – Announcements: 

Human Hacking: Win Friends, Influence People, and Leave Them Better Off for Having Met You 

Virtual Advanced Practical Social Engineering - 17-20 November, 2020 

The Human Hacking Conference - Orlando, FL March 11-13, 2021 

HHC SE Pentest Track – Day 2 – Vishing (Curt) 

Advanced Practical Social Engineering – Orlando 13-16 April, 2021 

Masters Level Social Engineering – Orlando, Fl 10-14 May, 2021 

Advanced Practical Social Engineering – Bristol, UK 15-18 June, 2021 

Social-Engineer.com 

23:35 – How to become self-aware of the way you communicate.  

25:08 – How to Deal with Defensiveness and Defensive People in Conversations 

26:09 – How an amygdala hijack can trigger a defensive response and how you can work to fight it. 

42:56 – Defensiveness creates more defensiveness. 

44:29 – Jonathan's contact info, podcast and social media links. 

Press Kit: http://bit.ly/JMPressKit 
Website: https://www.mindfulcommunication.me 
Mindful Communication Podcast: https://anchor.fm/podcast-863ccb8 
LinkedIn: https://www.linkedin.com/in/millerdjonathan/ 
Instagram: https://www.instagram.com/mindfulcommunication/ 
Tough Talks Made Easy: https://bit.ly/ToughTalksMadeEasy 
Code: social50 

Article: How to Deal with Defensiveness and Defensive People in Conversations 

46:39: Jonathan’s book recommendations. 

Difficult Conversations: How to Discuss What Matters Most 

Nonviolent Communication: A Language of Life 

Sapiens: A Brief History of Humankind 

48:01 Outro 

Chris on Twitter   

Social-Engineer on Twitter  

Social-Engineer on Instagram   

Social-Engineer.org   

Social-Engineer.com   

The Human Hacking Conference  

The Human Hacking Conference on Twitter  

The Innocent Lives Foundation   

The Innocent Lives Foundation on Twitter 

Direct download: Ep._133_-_Having_Superhero_moments_with_Jonathan_Miller.mp3
Category:general -- posted at: 2:00am PDT

Stephanie Paul (@StephaniePaulZz) | TwitterIn this episode, Chris Hadnagy and Stephanie Paul introduce multiple different methods that can be used to become a better communicator and social engineer. They go into the practice required in changing the way you communicate and share some amazing experiences of people who were able to do so. They also go over how an unmotivated person can gain the ambition to accomplish their goals.  

01:10 – Introduction to Stephanie Paul. 

01:58 Training people to be effective storytellers: How Stephanie came up with the idea.  

05:24 – Analyzing the applicability of social engineering principles in other fields. 

07:01 – The YOU method. 

13: 50 – Driving the CAAR method. 

15:19 – How an unambitious person can motivate themselves by changing their value system. 


22:55 – Announcements:  

New social-engineer.com website 

Advanced Practical Social Engineering Training 

Master's Level Social Engineering 

The Human Hacking Conference - 11-13 March, 2021 

Clutch 

The Innocent Lives Foundation  


24:41 – How you can improve as a person and social engineer by getting to know yourself 

29:04 Improve by shifting your communication energy 

32:30 – Improve by utilizing humor 

35:30 – Improving your communication requires practice 

40:49 – Stephanie's contact info, courses and book. 

The “WHYGUIDE” To Story Hacking 

Apply for Stephanie's Online Training 

Stephanie's Social Media:

42:40 - Stephanie’s book recommendations 

#Values: The Secret to Top Level Performance in Business and Life 

The Source: The Secrets of the Universe, the Science of the Brain 

The Ellipsis Manual: analysis and engineering of human behavior 

Truth and Lies: What People Are Really Thinking 

Louder Than Words: Take Your Career from Average to Exceptional with the Hidden Power of Nonverbal Intelligence 

Limitless: Upgrade Your Brain, Learn Anything Faster, and Unlock Your Exceptional Life 

Chris on Twitter  

Social-Engineer on Twitter 

Social-Engineer on Instagram  

Social-Engineer.org  

Social-Engineer.com  

The Human Hacking Conference 

The Human Hacking Conference on Twitter 

The Innocent Lives Foundation  

The Innocent Lives Foundation on Twitter 


Chani Simms – Think Cyber Security for Government In this episode Chris Hadnagy and Chani Simms reveal the secrets to becoming a better communicator and breaking into the InfoSec industry. They discuss the challenges women often face and how they can be overcome. They also go over the ways a newcomer can contribute to a more experienced team. 

00:05 – Introduction to Chani Simms and Her Experience as a Woman in the InfoSec Industry 

01:09 – Chani's TEDx Talk: “Stop chasing the magic security box” 

01:19 – How Chani Got into the Infosec Industry and Started Her Own Pentesting Company 

04:53 – Chani's Experience with Hacking, Forensics, Auditing, Risk Management, Consulting and as a Virtual CISO for Multiple Companies 

08:08 – The Prevalence of Women in the Sri Lankan Tech Industry 

10:47 - Chani Simms has been recognized as one of the "Top 50 Most Influential Women In Cybersecurity 2019" by SC Media UK 

11:25 Chani's Reason for Starting SHe CISO  

13:13 – Chani Shares her Experience with Receiving the Awards 

17:14 Chani Gives Advice to People Looking to Become Successful in this Industry 

20:10 – How to Deal with Feelings of Inadequacy in Order to Add Value to a Team 

23:15 – Upcoming Virtual Trainings and Human Hacking Conference Signups 

1-4 August, 2020 – Advanced Practical Social Engineering – Virtual Training 

11-13 March, 2021 – The Human Hacking Conference 

The Innocent Lives Foundation 

Clutch 

 25:10 – How a Newcomer to a Field can Still Add Value to a Team 

29:33 – How to Work with Unkind People in the Workplace 

31:09 – How to Accept Valid Criticism and Become a Better Communicator by Suspending Your Ego 

37:03 – Chani's Contact Info and More Info About SHe CISO 

LinkedIn 

Twitter 

SHe CISO Website 

SHe CISO Bootcamp 

41:09 – Chani's Book Recommendations 

Men Are from Mars, Women Are from Venus: The Classic Guide to Understanding the Opposite Sex 

The Definitive Book of Body Language: The Hidden Meaning Behind People's Gestures and Expressions 

45:04 – Conclusion and Outro 

Chris on Twitter 

Social-Engineer on Twitter  

The Human Hacking Conference on Twitter 

The Innocent Lives Foundation on Twitter 

Social-Engineer.org 

Social-Engineer.com 

The Human Hacking Conference 

The Innocent Lives Foundation 

Social-Engineer on Instagram 

 

Direct download: Ep._131__The_Secret_To_Achieving_All_Your_Goals_with_Chani_Simms.mp3
Category:general -- posted at: 1:00am PDT

 Vyvyan Evans | Professor of LinguisticsIn this episode, Chris Hadnagy and Dr. Vyv Evans discuss the widespread use of emoji and how it can help fill the gap between text and face-to-face communication. Emoji has the ability to add tone and expressions to text that it would otherwise be lacking. In in a single picture, they can express complex ideas that would otherwise require many words to convey.  

00:10 - Introduction to Dr. Vyv Evans and his Work on Emoji 
01:37 - Brooklyn Teen Was Arrested for Threats Made with Emoji 
03:52 - The 2 Main Functions of Language  
06:12 - In Real World Scenarios, Communication Utilizes Multiple Channels 
07:55 - Tone of Voice Can Change the Meaning of Our Words 
09:05 - Gestures Can Change the Meaning of Our Words 
10:59 - Emblems are nonverbal signals that can be translated directly into words. 
12:50 - The Meaning of Emoji Can be Affected by Group or Cultural Factors 
15:45 - The Rebus Principle is Used to Represent Abstract Words with Pictograms, Like Emoji 
18:16 - Upcoming Virtual Trainings and Human Hacking Conference Signups.  

19:58 - The Differences Between the Emoji System and Language 
22:46 - Emoji Helps Text Catch Up with the Tone and Kinesics Found in Spoken Face-to-Face Interaction 
23:20 - Survey Done by Match.com Corelates the Use of Emoji to Increased Sexual Activity 
24:38 - Emoji Makes Us More Effective Communicators in the Digital Space 
26:09 - The Angry Jerk Phenomenon and How Emoji Can Help 
27:35 - Why Visuals are Important to Communication 
29:23 - The 😂 (Tears of Joy) Emoji Was Oxford Dictionary’s “Word of the Year” in 2015
31:05 - How Text Can Accidentally Convey the Wrong Tone 
32:10 - Emoji Can Complement the Meaning of a Word  
33:32 - Nonverbals are a Vital Component to Communication 
35:47 - Discussing Whether a Decrease in Vocabulary May Have Contributed to the Creation of Nonverbal Communication and Emoji 

41:26 - Vyv’s Contact Info 
Website: https://www.vyvevans.net/ 
Twitter: https://twitter.com/VyvEvans 
LinkedIn: https://www.linkedin.com/in/vyv-evans/ 

42:23 Vyv’s Books  
https://www.vyvevans.net/books 
The Emoji Code: The Linguistics Behind Smiley Faces and Scaredy Cats
42:44 Vyv’s Book Recommendations 
Because Internet: Understanding the New Rules of Language 

Direct download: SocialEngineerPodcastEp130.mp3
Category:general -- posted at: 1:00am PDT

Speaker: Mark Bowden, Expert in Body Language, Human Behavior ...Episode Highlights:

  • Mark shares his thought on being inauthentic.
    How he started in the nonverbal world and how he got engaged in writing books.
    Discusses being dyslexic, but reading images and creating images and critically thinking about images was easy for him.

Key Points:

  • Do not mistake truths from facts they are not the same.
  • If you tell a story and you massage some of the facts you sometimes get a stronger clearer truth from the story.
  • People first need to think that it's valuable then believe that its true, so they go and use it.

 

Resources Mentioned:

Direct download: Social-EngineerPodcastEp129.mp3
Category:general -- posted at: 1:00am PDT

Episode Highlights:

  • Alethe shares her initial thoughts on receiving details about her target company.
  • One mistake Alethe made in her first competition was misunderstanding that you can repeat flags.
  • Alethe outlines how she prepared for the second competition, including watching re-enactment videos.
  • Chris and Alethe discuss the importance of pretext and the key switch Alethe made.
  • Alethe describes the experience of bringing a young baby to DefCon.
  • She spent over 100 hours of time on her OSINT report. She spent even more time getting ready for the calls.
  • Alethe tells us the most dangerous OSINT she found in her research.
  • Alethe compares real-life vishing to competitive vishing.
  • The time factor gave Alethe anxiety during her first competition. Learn how she managed this the second time around.
  • They discuss the name game and how to use it effectively or ineffectively.
  • Learn the important way the black badge changed Alethe’s life.

 

3 Key Points:

  1. Dedicate a big chunk of time to prepare for the conference by listening to podcast episodes, watching re-enactments, and preparing your OSINT report.
  2. In her OSINT research, Alethe was able to find information as dangerous as the types of equipment and software the company used freely available to the public.
  3. In real-life vishing, you have time to establish rapport. Competitive vishing moves much faster.

Resources Mentioned:

Direct download: Social-EngineerPodcastEp128.mp3
Category:general -- posted at: 2:00am PDT

Episode Highlights: 

  • The Human Hacking Conference was about having a deep understanding of other human beings to help you make connections.
  • Robin Dreeke’s presentation was about his code of trust and sizing people up with a step-by-step process.
  • Next year he will do what he did this year but then go into sizing people up.
  • Paul Wilson’s presentation was about how there’s a vast toolbox of manipulation that is untapped in the security community.
  • People were supposed to walk away from Dov’s session with a sense of their own dragon fire.
  • Stephanie Paul’s session was about helping people find their voice and their message from the inside out.
  • She believes the conference ended up with a theme because they're all humans speaking to human qualities that we have.
  • As they discuss why the conference had a theme, Paul asserts that the core element is story.
  • The subject itself fed the experience of the weekend.
  • Next year, Stephanie's session will be about learning through fun.
  • Dov’s session next year will help you better understand your own emotional logic.
  • Paul’s session next year will give people a toolkit for recognizing deception.

3 Key Points:

  1. The Human Hacker Conference was all about helping people understand themselves and others.
  2. Common themes emerged because presenters were speaking to the human qualities we all possess.
  3. Story can be used to teach, to educate, to touch hearts and it can also be used against you.

Resources Mentioned:

Direct download: Social-EngineerPodcastEp127.mp3
Category:general -- posted at: 7:35pm PDT

3 Key Points:

  1.   Conversational intelligence helps us understand how our brains and bodies interact  to create our experiences and how we can learn to control our experiences.
  2. The Conversational Intelligence Matrix describes three levels of conversation: transactional, positional, and transformational. 
  3. In order to improve CIQ, an individual must begin recognizing reality gaps, asking  more questions of others, and letting their guard down.

 

Direct download: Social-EngineerPodcastEp126.mp3
Category:general -- posted at: 1:00am PDT

In Episode 125, host Chris Hadnagy speaks with William Ortiz, a federal polygraph examiner who worked in the FBI for decades. In this discussion, you’ll learn how the polygraph works, how people try to fool the polygraph, and what agents and attorneys are really after when they receive the results of a polygraph examination. You’ll also hear some tips and tricks about deception that can inform your everyday interactions.

3 Key Points:

  1.   Polygraph is a tool alongside non-verbals and behavior analysis questions to determine whether someone is telling the truth. 
  2.   Being nervous is part of taking the polygraph test. Being nervous will not affect the test, but helps to establish your baseline. 

3.   When you ask someone a question, pay attention to whether they answer it. Then ask more questions to see where they lead.

Direct download: Social-EngineerPodcastEp125.mp3
Category:general -- posted at: 12:00am PDT

1